Military websites hacked | Breaking Cybersecurity News | The Hacker News

Watering hole Internet Explorer 8 zero-day attack on the US Department of Labor website last week has spread to 9 more global websites over the weekend, including those run by a big European company operating in the aerospace, defense , and security industries as well as non-profit groups and institutes Attacks exploiting a previously unknown and currently unpatched vulnerability in Microsoft's Internet Explorer browser have spread to at least. Researchers analyzing the attacks say that the attack tie it to a China-based hacking group known as " DeepPanda ". Security firm CrowdStrike said its researchers unearthed evidence suggesting that the campaign began in mid-March. Their analysis of logs from the malicious infrastructure used in the attacks revealed the IP addresses of visitors to the compromised sites. The logs showed addresses from 37 different countries, with 71 percent of them in the US, 11 percent in South/Southeast Asia, and 10 percent in Europe. Micros

Internet Activist and collective hacker group "NullCrew" released a huge dump of 7,000 names-passwords database from US Government websites and 2000 names-passwords database from Military websites. Hacker claimed to hack into five websites, including Montana's Official State Website, United Nations, Louisiana Department of Environmental Quality, Texas Juvenile Justice Department, Force Health Protection & Readiness, domains are -  unescoetxea.org , www.mt.gov , www.la.gov, www.texas.gov and fhpr.osd.mil respectiverly. Few days back two Nullcrew members,  null and 0rbit_g1rl claimed to perform the hack into above sites using few vulnerabilities such as " Unproperly sanitized code, leading to disclosure of all files on a server and Boolean blind SQL injection " and they threatened to release the database soon. Today in a announcement via Twitter, hacker leaked the Database including 2000 and more Military, Air Force and Army officials us

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.