New
#1
Users of the ASUS Live Update beware, you could install backdoor
As Kaspersky lab announced today, users of ASUS hardware are possible targets of hackers attack:
Read more at Kaspersky lab site:The actors behind ShadowHammer targeted the ASUS Live Update Utility as the initial source of infection. This is a pre-installed utility in most new ASUS computers, for automatic BIOS, UEFI, drivers and applications updates. Using stolen digital certificates used by ASUS to sign legitimate binaries, the attackers have tampered older versions of ASUS software, injecting their own malicious code. Trojanized versions of the utility were signed with legitimate certificates and were hosted on and distributed from official ASUS update servers – which made them mostly invisible to the vast majority of protection solutions.
press-releases | operation-shadowhammer-new-supply-chain-attack
Brink already posted this, so it could be deleted. Sorry
tenforums | windows-10-news/129563-operation-shadowhammer-apt-targeted-asus-live-update-utility