Page 5 - Threat Intelligence 11-27-2019
P. 5
Security News
Intel to remove old drivers and BIOS updates from its site by the end of the week. By Friday, the end of the
current week, Intel plans to remove old drivers and BIOS updates from its official website. Downloads for
hundreds of components are believed to have been impacted, from motherboards to NIC cards and graphics
cards. Most of the drivers are for Windows versions like 98, ME, XP, and older Windows Server editions -- old
Windows OS versions that have themselves reached end-of-life (EOL) All components and motherboards
reached (EOL) years ago, and Intel stopped delivering firmware updates as a result. Its website was merely
hosting the older files for convenience. In the meantime, there are certain things that owners of older Intel
gear must do. The first is to download the drivers and BIOS updates for their respective components and
motherboards from Intel's official website, while they're still available. Second, if they're reading this piece
after the November 22 deadline, they can use a mirror of Intel's FTP site, like this one or this one, to download
the needed files. Other community efforts are also underway. Third, they should stay away from downloading
Intel drivers and BIOS updates from dodgy "downloads websites." As several users commenting on a
HackerNews discussion pointed out, this is the ideal time and circumstance for malware authors to create
websites that offer firmware downloads laced with malware for older Intel gear.
Source: https://www.zdnet.com/article/intel-to-remove-old-drivers-and-bios-updates-from-its-site-by-
the-end-of-the-week/
5,183 breaches from the first nine months of 2019 exposed 7.9 billion records. According to Risk Based
Security’s Q3 2019 Data Breach QuickView Report, the total number of breaches was up 33.3% compared to
Q3 2018, with 5,183 breaches reported in the first nine months of 2019. Breach activity in 2019 is living up to
being “the worst year on record”. Although the total number of breaches is on track to break previous year
records, the total number of records exposed has already surpassed the 2017 year end total. 7.9 billion
records have already been exposed and we are on track to reach as high as 8.5 billion. Key findings state that
by NAICS economic sector, medical services, retailers and public entities experienced the most breaches, but
when all business-related sectors are combined, general business remains the most breached organization
type. Looking further into data breach landscape, hacking remains the top breach type for number of incidents
while Web has exposed the most records this year.
Source: https://www.helpnetsecurity.com/2019/11/14/breaches-2019/
Stop! Don't Charge Your Phone This Way. As the busy holiday season approaches, the Los Angeles County
District Attorney’s Office is warning travelers about a USB charger scam, or “juice jacking.” “A free charge could
end up draining your bank account,” Luke Sisak, a deputy district attorney, said in a video posted online this
month. Juice jacking happens when unsuspecting users plug their electronic devices into USB ports or use USB
cables that have been loaded with malware. The malware then infects the devices, giving hackers a way in.
They can then read and export your data, including your passwords, and even lock up the gadgets, making
them unusable.
Source: https://news.yahoo.com/stop-dont-charge-phone-way-200116454.html
www.accumepartners.com
5
