Podcast Episode Details

Back to Podcast Episodes
Apple Card, ASUS Live Update Backdoor, Statistics on Malware Attacks

Apple Card, ASUS Live Update Backdoor, Statistics on Malware Attacks

This is your Shared Security Weekly Blaze for April 1st 2019 with your host, Tom Eston. In this week’s episode: Apple’s new privacy focused credit card, the ASUS live update software backdoor, and recent statistics on Malware attacks.

Protect your digital privacy with Silent Pocket’s product line of patented Faraday bags, phone cases, and wallets which will make your devices untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order during checkout. Visit silentpocket.com today to take advantage of this exclusive offer.

Hi everyone, welcome to the Shared Security Weekly Blaze where we update you on the top 3 cybersecurity and privacy topics from the week. These podcasts are published every Monday and are 15 minutes or less quickly giving you “news that you can use”.

Apple announced last week that it’s partnered with financial firm Goldman Sachs on a new type of credit card which is focused on privacy and security. The credit card, which is called “Apple Card”, is paired with Apple Pay so you can use it like you normally do with your iPhone, but it also includes a traditional physical card made out of titanium, laser-etched and has no visible card number, CVV code, expiration date, or signature on the card itself. Now that credit card, completely has Apple written all over it. In regards to the technology, the credit card number will be stored in the iPhone’s Secure Element chip and all purchases must be authenticated through Touch ID or Face ID. Apple also says that they will not track what you’ve purchased, where you’ve shopped, or how much you’ve paid for purchases and that Goldman Sachs will not share or sell your data to third-party marketing firms. Other perks include a cash back program on all purchases, no annual fees, and insight into spending habits right on your iPhone. If this all sounds amazing, you may be asking yourself “What’s the catch?”. Well, the Apple Card is still a credit card so from what we know so far is that interest rates will vary between 13 and 24% and are based on your “creditworthiness” and that any late or missed payments will drive up your interest rate.

My take is that I think it’s great to see Apple making more of their products and services with privacy and security in mind. I think we all give Apple some grief over their sometimes overly aggressive marketing campaigns like they did at CES in Las Vegas this year when they proclaimed on a large billboard “What happens on your iPhone, stays on your iPhone”. But perhaps, now we’re really starting to see Apple put their money where their mouth is.

Computer hardware manufacture ASUS confirmed that their “live update” tool, which provides firmware updates, drivers, and patches for all of their laptops and other consumer hardware, was compromised by an Advanced Persistent Threat group. This is a great example of what is called a supply chain attack where a central update repository was compromised to spread malware. ASUS said in their press release that “a small number of devices have been implanted with malicious code through a sophisticated attack on our Live Update servers in an attempt to target a very small and specific user group”.  ASUS also stated that it had reached out to affected users and worked with them to ensure any security risks were removed. Kaspersky, which makes anti-virus software, claims it’s detected the ASUS supply-chain malware, conveniently named ShadowHammer, on 57,000 computers. Kaspersky says that there may be even more devices that have been affected.

In related news, TechCrunch reports that a security resear

Published on 6 years, 8 months ago





If you like Podbriefly.com, please consider donating to support the ongoing development.

Donate

© 2025 Developer Service

DevAsService

DevAsService

Cloud Home Lab

Developer Service

Imaginator

Courses Developer Service

Is It Clickbait