Asus Reacts to Live Update Utility Hack (A Little Too Late)

Hackers took over Asus updates to send malware, researchers found

Depending on the results of further investigations, "it's very possible that Asus could end up having to recognize their internal security isn't as strong as it needs to be, and has allowed this to happen", Oh said.

"Legitimate ASUS software updates still got pushed to customers during the period the malware was being pushed out, but these legitimate updates were signed with a different certificate".

Kaspersky Lab researchers said they identified more than 600 MAC addresses, and released a tool for people to check whether they were targeted by the attack.

Parliament votes to take control of Brexit agenda
A series of options will be put to MPs, who will vote for or against each in the hope of finding one backed by a majority. If May does ignore parliament, MPs could order her to follow the Brexit plan they have chosen by passing new legislation.

Taiwanese laptop maker Asus unknowingly pushed malware to thousands of computers after one of its servers was hacked previous year, potentially affecting more than one million people, Russian cybersecurity firm Kaspersky Lab said.

The Taiwanese PC giant on Tuesday published a fresh clean version of Live Update, which is a tool that keeps firmware driver and BIOS software up to date, and is bundled with Asus computers. Nor did it acknowledge that Kaspersky notified it of the so-called supply-chain attack, which was first reported by the online news site Motherboard. If the desired address is detected, the malicious update backdoors the PC to download additional malware. The company estimates that around a million users may have been affected by what it describes as "one of the biggest supply-chain incidents ever". Kaspersky said that Asus was "largely unresponsive".

Motherboard subsequently contacted a secondary security company, Symantec, to confirm if its customers received the malicious code. Once enabled, it polls ASUS servers periodically for updates.

MSU's Izzo doesn't apologize for yelling at Henry
Tom Izzo is coaching him for that game and that moment, but he's also coaching him (for) the next time in that moment. The Spartans are set to take part in the Big Ten Battle against Minnesota.

The fact that network adapter MAC addresses were baked into the backdoored Live Update build suggests the snoops behind ShadowHammer were well aware of the internal operations of their target.

In this case, not only did Asus ignore this issue for the past three years despite being warned about it by security researchers, but the company seemingly ignored it once again when existing attacks and not just theoretical ones, were showed to it by Kaspersky.

While the attack may have infected up to a million computers, the ac dual target was much smaller.

Thiem creates history with wild Federer choke
Thiem was playing well and his court position was good, but his serve simply wasn't bothering Federer. Canadian teenager Bianca Andreescu upset Angelique Kerber 6-4, 3-6, 6-4 to win the women's title.

The company simultaneously reiterated the narrow scope of ShadowHammer, noting that the malware targeted a "very small and specific user group". "To achieve this, the attackers had hardcoded a list of MAC addresses in the trojanized samples and this list was used to identify the actual intended targets of this massive operation".

Related News:



Most liked

US House to vote to override Donald Trump veto
Though the list was tentative, Democrats were asserting that GOP lawmakers were endangering local bases to pay for the wall. Trump is trying to shift from the Pentagon's accounts to go to wall-building along the southern border.

Nintendo reportedly releasing two new Switch models this year
Those who are willing to foot the bill early can preorder and preload Duck Game via the Nintendo Switch eShop right now. Nintendo sees the other version, according to claims, as a successor to its ageing hand-held 3DS device.

Injured Cristiano Ronaldo expects to return in one or two weeks
Ronaldo received medical attention on the pitch and had to be replaced by Pizzi after he could not continue. The match finished 1-1 between Portugal and Serbia .

Apple is Making a Credit Card for Some Reason
Your card's numbers are, of course, still available: you'll just have to look them up in the Wallet app on your iPhone. Apple announced a credit card on Monday, backed by Goldman Sachs' banking engine and the MasterCard payment network.

Barr: Evidence Mueller Found Not 'Sufficient' To Charge Trump With Obstruction
But Trump and the White House welcomed the report as a "complete exoneration" nonetheless. A senior Justice Department official says Mueller was not consulted about the letter.

Russian Federation sends military planes to Venezuela
After the arrival of Russian Defence Ministry officials in Caracas, media reported that Venezuela had deployed S-300 systems. The cargo plane left Caracas on Sunday afternoon, according to Adsbexchange, another flight-tracking site.

Is an all-you-can-eat magazine subscription
As we are getting closer to the event, Apple video streaming service is looking to be less interesting than previously rumored. Even producers of Apple's shows are unsure about numerous details about when and how audiences will be able to see their work.

Another Parkland Shooting Survivor Reportedly Takes Their Own Life
She also said her daughter struggled to attend her university classes because she was scared to be in a classroom . It is the second time in one week that a survivor of the shooting at Marjory Stoneman Douglas died by suicide.

Trump to Nominate Stephen Moore for Fed Board
Moore had earlier predicted in 2010 that the Fed's low rates would ignite inflation, and he advised investors to buy gold. As a TV commentator, Moore has been an anti-tax conservative and fiscal hawk.

Christchurch to Hold Remembrance Service for Shooting Victims on 29 March - PM
"In the week since the unprecedented terror attack there has been an outpouring of grief and love in our country", Ardern said . Many people responded to the tweet , with one person saying: "Our PM reflects the hearts of the New Zealand people".

Teachers were reportedly shot with pellet guns at an active shooter training
Some active shooter drills have ended in controversy as the threat of school shootings have become more common for students . ISTA said in another tweet that teachers were allegedly told not to tell anybody about the incident.

Trump drops new N.Korea sanctions because he 'likes' Kim
Also, New Zealand held a day of remembrance for the 50 people who were shot to death at two mosques last Friday. Chris Van Hollen, D-Md., tweeted that Trump "is being played by Kim Jong Un ".

United States says Maduro using banks as slush funds
Trump has reiterated that "all options" - implicitly including military action - are on the table for dealing with Venezuela . Rodriguez alleged funds in accounts in Bank of America and Banesco Panama were being used in the plot.

Priest stabbed during mass at Canada’s biggest church
She said that security agents intervened rapidly during the attack and prevented it from "degenerating". Church spokeswoman Celine Barbeau said Grou was conscious when he was rushed from the scene.

PM May requests 3 months Brexit delay, European Union pushes back
However the European Commission opposes extending British membership of the EU to June 30, according to an EU document seen by Reuters.