CISA Warns of Exploited Flaw in Asus Update Tool - SecurityWeek (www.securityweek.com)

submitted 5 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

4 comments fedilink hide all child comments

top 4 comments

sorted by: hot top controversial new old

[-] infeeeee@lemmy.zip 6 points 4 hours ago

The warning refers to Operation ShadowHammer, a sophisticated supply chain attack mounted in 2018 by Chinese state-sponsored hackers

[...]

The attack was uncovered in January 2019 and Asus released a patch by March the same year.

It was already patched ~7 years ago, but CISA only warns now?

While over 1 million Asus users might have downloaded the backdoored utility, the hackers were reportedly interested in only around 600 specific devices, based on hashed MAC addresses hardcoded in various versions of the tool.

Per Binding Operational Directive (BOD) 22-01, federal agencies have three weeks to identify vulnerable products in their environments and address the issue.

The hackers targeted this to 600 devices then waited 7 years and expected the targets won't upgrade this app? This sounds strange, or I'm misunderstanding something.

[-] thisbenzingring@lemmy.today 2 points 4 hours ago

I suprised it took this long. I bought a new motherboard in 2023 and discovered that the bios phones home and can patch the bios before the OS loads and that just was a big NOPE for me and I disabled it.

[-] LlilL@lemmy.zip 2 points 50 minutes ago

Was that a specific bios/uefi setting(s)?

[-] thisbenzingring@lemmy.today 2 points 39 minutes ago

yes, but IDK what it's called off the top of my head. I got suspicious after noticing firewall logs to asus before the spamming Microsoft logs. the setting also lets the bios talk to the os by providing drivers during the Windows oobe, it will inject the Asus software like it's preinstalled like OEM supplied. pissed me off because I have a iso of windows from ma visual studio download that's basically the latest widows patched.i was like ....blank slate, should just be Microsoft wtf is Asus junk software doing there?!

this post was submitted on 19 Dec 2025

24 points (100.0% liked)

Cybersecurity

8810 readers

227 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social