Lucene search
K

11 matches found

The Hacker News
The Hacker News
added 2025/12/18 5:1 a.m.5 views

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2025-59374 CVSS score: 9.3, has been described...

9.8CVSS7AI score0.01084EPSS
Exploits0
Securelist
Securelist
added 2019/12/04 10:0 a.m.1490 views

APT review: what the world’s threat actors got up to in 2019

What were the most interesting developments in terms of APT activity during the year and what can we learn from them? This is not an easy question to answer, because researchers have only partial visibility and it´s impossible to fully understand the motivation for some attacks or the development...

7.2CVSS9AI score0.99993EPSS
Exploits45
Securelist
Securelist
added 2019/08/19 10:0 a.m.1061 views

IT threat evolution Q2 2019

Targeted attacks and malware campaigns More about ShadowHammer In March, we published the results of our investigation into a sophisticated supply-chain attack involving the ASUS Live Update Utility, used to deliver BIOS, UEFI and software updates to ASUS laptops and desktops. The attackers added...

7.2CVSS1.4AI score0.73721EPSS
Exploits20
Schneier on Security
Schneier on Security
added 2019/05/16 6:34 p.m.87 views

More Attacks against Computer Automatic Update Systems

Last month, Kaspersky discovered that Asus's live update system was infected with malware, an operation it called Operation Shadowhammer. Now we learn that six other companies were targeted in the same operation. As we mentioned before, ASUS was not the only company used by the attackers. Studyin...

1.5AI score
Exploits0
Securelist
Securelist
added 2019/04/30 10:0 a.m.87 views

APT trends report Q1 2019

For just under two years, the Global Research and Analysis Team GReAT at Kaspersky Lab has been publishing quarterly summaries of advanced persistent threat APT activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published an...

7.2CVSS0.4AI score0.83524EPSS
Exploits82
Securelist
Securelist
added 2019/04/23 10:0 a.m.87 views

Operation ShadowHammer: a high-profile supply chain attack

In late March 2019, we briefly highlighted our research on ShadowHammer attacks, a sophisticated supply chain attack involving ASUS Live Update Utility, which was featured in a Kim Zetter article on Motherboard. The topic was also one of the research announcements made at the SAS conference, whic...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2019/04/04 11:0 a.m.71 views

SAS 2019 to Tackle APTs, Supply Chains and More

Kaspersky Lab’s Security Analyst Summit kicks off in Singapore next week, where elite researchers, top cybersecurity firms and global law-enforcement agencies will discuss today’s biggest cybersecurity threats and how best to squash them. This year marks the first time the global security...

0.1AI score
Exploits0References3
The Hacker News
The Hacker News
added 2019/03/29 10:58 a.m.87 views

Here's the List of ~600 MAC Addresses Targeted in Recent ASUS Hack

EXCLUSIVE — While revealing details of a massive supply chain cyber attack against ASUS customers, Russian security firm Kaspersky last week didn't release the full list all MAC addresses that hackers hardcoded into their malware to surgically target a specific pool of users. Instead, Kaspersky...

0.2AI score
Exploits0
HackRead
HackRead
added 2019/03/26 10:11 p.m.68 views

ShadowHammer: ASUS software updates exploited to distribute malware

By Waqas The victims of ShadowHammer malware attack are Windows users. Kaspersky Lab researchers have made a startling new revelation that the world’s leading computer maker ASUS’s live software update system was compromised by cybercriminals to install a backdoor, which affected ASUS customers...

4.6AI score
Exploits0
The Hacker News
The Hacker News
added 2019/03/25 4:15 p.m.3 views

Warning: ASUS Software Update Server Hacked to Distribute Malware

Remember the CCleaner hack? CCleaner hack was one of the largest supply chain attacks that infected more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million...

6.9AI score
Exploits0
Securelist
Securelist
added 2019/03/25 1:1 p.m.78 views

Operation ShadowHammer

Earlier today, Motherboard published a story by Kim Zetter on Operation ShadowHammer, a newly discovered supply chain attack that leveraged ASUS Live Update software. While the investigation is still in progress and full results and technical paper will be published during SAS 2019 conference in...

6.8AI score
Exploits0
Rows per page
Query Builder