Operation ShadowHammer hijacks ASUS Live Update to install backdoor

Cyber attackers have hijacked ASUS Live Update and downloaded a back-doored version to thousands of ASUS PCs last year. The utility is pre-installed on most ASUS computers and is used to keep ASUS PCs up-to-date with latest firmware, drivers and applications.

Continue ReadingOperation ShadowHammer hijacks ASUS Live Update to install backdoor

NIST SP 800-37 Rev. 2: Risk Management Framework for Information Systems and Organizations

The National Institute of Standards and Technology (NIST) has released a new risk management framework guideline. NIST has named the document Security Publication (SP) 800-37 Rev. 2: "Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy."

Continue ReadingNIST SP 800-37 Rev. 2: Risk Management Framework for Information Systems and Organizations