Asus 'Live Update' Utility Used By Hackers To Disguise Malware As Notebook Software Updates
darkreading.com- Author: Jai Vijayan - Date: March 26th, 2019
Asus recently on Tuesday resolved a critical issue involving its 'Live Update' utility that allowed an attacker to distribute malware disguised as legitimate update software to customer's who used Asus' Notebook computers. The issue has been resolved by Asus and also includes additional "security verification mechanisms" to help prevent attackers from manipulating the company's automatic software updates.
How the "KonMarie" Method Can Aid Security
darkreading.com- Author: Curtis Franklin Jr. - Date: March 28th, 2019
A growing number of company executives are taking a look at how the "de-cluttering" methods presented by Marie Kondo can be applied to the world of security. The "KonMarie" method of de-cluttering can be beneficial when it comes to mitigating the risk of having data leaked as co-founder and CEO of Insight Engines states, "The more time I spend in the cybersecurity world, the more I see people just keep data — not insights — but just keep data for a rainy day, most of the time, nothing ever comes of any of this stuff". From a security standpoint we all this leftover "stuff" can potentially lead to a significant security vulnerability. "If you don't have the data to lose in the first place, you can't lose it," Wernick says.
SwissArmy-like Android Software Discovered In The Wild
darkreading.com.com- Author: Jai Vijayan - Date: March 28th, 2019
A new dangerous Android trojan has been developed with capabilities to target a variety of mobile banking apps, crypto-wallets, online payment services, and e-commerce sites. The malware itself is delivered to victims through a text message link. In theory, the unsuspecting victim would click on the link where the malware would then get installed on the victim's Android device. Security vendor, Group-IB, discovered this nasty piece of software targeting customers of more than 100 banks globally including several US-based ones (Bank of America, Wells Fargo, Capital One, etc). The malware, dubbed "Gustuff" so far is being spread through SMS messages where, "The content of SMS can vary, but in general, it prompts users to click on the link to start downloading the malicious app", head of Group-IB analysis Rustam Mirkasymov says.
Court Injunction Helps Microsoft Deal With Its "99 Problems"
darkreading.com - Author: Curtis Franklin Jr. - Date: March 28th, 2019
Microsoft was granted an injunction by courts to take down 99 websites belonging to Iran based hacking group "Phosphorous" (aka APT35, Charming Kitten, and Ajax Security Team). This allowed Microsoft to quickly and swiftly take control of the websites belonging to the hacking group that was used to execute phishing attacks on with fake Microsoft security warnings. Microsoft had also worked with other companies including tech giant, Yahoo and a number of domain registrars to help build the case to present to the judge for the injunction.
Tesla's Sentry Mode Captures Thieves On Camera
carscoops.com - Date: March 17th, 2019
In the video clips which are linked below, we see how Tesla's Sentry mode can help with identifying suspects who steal from parked Tesla vehicles.
In both clips, you can see a hooded thief approach the Tesla, which activates sentry mode. Even though the thieves managed to break the car windows of the Tesla to steal the items inside their faces are captured in high quality which could, in theory, be used to help police identify and arrest the suspect.