Lucene search
K

8 matches found

The Hacker News
The Hacker News
added 2025/12/18 5:1 a.m.5 views

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2025-59374 CVSS score: 9.3, has been described...

9.8CVSS7AI score0.01084EPSS
Exploits0
Securelist
Securelist
added 2019/12/04 10:0 a.m.1490 views

APT review: what the world’s threat actors got up to in 2019

What were the most interesting developments in terms of APT activity during the year and what can we learn from them? This is not an easy question to answer, because researchers have only partial visibility and it´s impossible to fully understand the motivation for some attacks or the development...

7.2CVSS9AI score0.99993EPSS
Exploits45
Schneier on Security
Schneier on Security
added 2019/05/16 6:34 p.m.87 views

More Attacks against Computer Automatic Update Systems

Last month, Kaspersky discovered that Asus's live update system was infected with malware, an operation it called Operation Shadowhammer. Now we learn that six other companies were targeted in the same operation. As we mentioned before, ASUS was not the only company used by the attackers. Studyin...

1.5AI score
Exploits0
Securelist
Securelist
added 2019/04/30 10:0 a.m.87 views

APT trends report Q1 2019

For just under two years, the Global Research and Analysis Team GReAT at Kaspersky Lab has been publishing quarterly summaries of advanced persistent threat APT activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published an...

7.2CVSS0.4AI score0.83524EPSS
Exploits81
Securelist
Securelist
added 2019/04/23 10:0 a.m.86 views

Operation ShadowHammer: a high-profile supply chain attack

In late March 2019, we briefly highlighted our research on ShadowHammer attacks, a sophisticated supply chain attack involving ASUS Live Update Utility, which was featured in a Kim Zetter article on Motherboard. The topic was also one of the research announcements made at the SAS conference, whic...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2019/03/29 10:58 a.m.84 views

Here's the List of ~600 MAC Addresses Targeted in Recent ASUS Hack

EXCLUSIVE — While revealing details of a massive supply chain cyber attack against ASUS customers, Russian security firm Kaspersky last week didn't release the full list all MAC addresses that hackers hardcoded into their malware to surgically target a specific pool of users. Instead, Kaspersky...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2019/03/25 4:15 p.m.3 views

Warning: ASUS Software Update Server Hacked to Distribute Malware

Remember the CCleaner hack? CCleaner hack was one of the largest supply chain attacks that infected more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million...

6.9AI score
Exploits0
Securelist
Securelist
added 2019/03/25 1:1 p.m.78 views

Operation ShadowHammer

Earlier today, Motherboard published a story by Kim Zetter on Operation ShadowHammer, a newly discovered supply chain attack that leveraged ASUS Live Update software. While the investigation is still in progress and full results and technical paper will be published during SAS 2019 conference in...

6.8AI score
Exploits0
Rows per page
Query Builder