Cyberwar | Breaking Cybersecurity News | The Hacker News

Amid heightened  border tensions  between India and China, cybersecurity researchers have revealed a concerted campaign against India's critical infrastructure, including the nation's power grid, from Chinese state-sponsored groups. The attacks, which coincided with the standoff between the two nations in May 2020, targeted a total of 12 organizations, 10 of which are in the power generation and transmission sector. "10 distinct Indian power sector organizations, including four of the five Regional Load Despatch Centres (RLDC) responsible for operation of the power grid through balancing electricity supply and demand, have been identified as targets in a concerted campaign against India's critical infrastructure," Recorded Future  said  in a report published yesterday. "Other targets identified included 2 Indian seaports." Chief among the victims include a power plant run by National Thermal Power Corporation (NTPC) Limited and New Delhi-based Power

The increasing threats of cyberwar are keeping U.S. officials busy alongside ongoing wars on terror and drugs. Recent incidents highlight the rising cyberwarfare concerns: Google reported espionage attacks originating from China, mysterious Internet traffic activities related to China, the Stuxnet worm targeting Iranian nuclear centrifuges, an attack on the WikiLeaks site following the release of classified U.S. documents, and the significant Internet attack on Estonia a few years ago. To address these cyber threats, the U.S. has adopted military strategies for cybersecurity, establishing Cyber Command and placing national cybersecurity under the Department of Defense. However, relying solely on offensive strategies is not the best defense. Gary McGraw, CTO at Cigital and author, argues that more secure software, rather than cyber warriors, is essential to protect networks and online data. In his article, "Cyber Warmongering and Influence Peddling," McGraw emphasizes the nee

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.