Asus & the Trojan malware "ShadowHammer," Office Depot selling fake virus scanners, vulnerabilities in Huawei Matebooks, and more in This Week in Cybersecurity: where we highlight select top cyber security stories from each week and share them here. Don't forget to follow our daily blog for more in-depth cyber security and technology news.
If you would like to be the first to know about our Week in Cybersecurity reports and receive a FREE Webcam Cover, sign up here.
The Week of March 29th, 2019:
- A critical software update has been released from Asus to combat a known Trojan malware attack called “ShadowHammer,” which the attack itself was disused as a “critical” software update. Though Asus stated that “only a small number of a specific user group was found to be targeted,” Kaspersky Labs predicts that the attack could have distributed to nearly 1 million machines and installed on hundreds of thousands. Along with the software patch, Asus also introduced a “Live Security” program that users can use to scan their device to see if it has been involved in any known malware attacks. (The Verge)
- FEMA (The Federal Emergency Management Agency) divulged the personal info of more than 2 million people with a contractor that was tasked with assigning temporary housing for victims of various disasters such as the California wildfires of 2017 and Hurricane Harvey. As discovered by the Homeland Security Inspector General, FEMA has not found any of the shared data to compromised yet but are taking “aggressive” action with the contractor to remove the unnecessary information. (CNET Security)
- Another trojan malware is making rounds, but this one is specifically targeting Android users. Found by Group-IB and named “Gustuff,” this malware spreads its infection through SMS messaged that include invitations to download malicious Android package files (APKs) and spread to other users in the device’s address book. It then uses the Accessibility features to bypass the security measures of the device and mimics legitimate apps to phish users into divulging their personal data on their fake versions of the apps. Another example of why the safest way of using apps on an Android mobile device to only download them from the official source: Google Play. (The Next Web)
- Huawei is in the news again as Microsoft found a severe vulnerability in Huawei’s PCManager driver software that come with their MateBook line of PCs that could open a side-door for hackers to access the computer. After it triggered Microsoft’s Defender ATP, which is a kernel sensor in Windows 10 made to prevent malware attacks such as WannaCry, it was found that an attacker could exploit the vulnerability by running a malicious app without the user knowing it. Microsoft rated the flaw with a severity score of 7.3 out of 10, so if you are using a Huawei Matebook, consult your IT solution about the update. (ZDNet)
- Retailer Office Depot was caught by the FCC through allegedly utilizing a tool that lied about their customer’s computer status to sell tech support. Between 2009 and 2016, the software “PC Health Check” that was created by support.com, did not actually run virus scans on computers but instead asked a series of four questions that the user would answer, such as crash frequencies of if it is running slowly. If yes is answered at any time, a prompt would show up warning the user of “malware symptoms,” even if the computer is fine. The user would then receive an offer for Office Depot to fix a problem that may not even be there, potentially costing the customer hundreds of dollars. The retailer agreed to a $25 Million settlement with the FTC of the matter and support.com agreed to $10 million. Feels like a good case of “trust but verify.” (Bleeping Computer)
neoRhino’s Remote Managed Services and Advanced Security Packages are here so you can focus on your daily duties. You can relax knowing that we are here to protect you. Call us at (281) 779-4850 for a FREE consultation and we can help your business today.