yahoo hack | Breaking Cybersecurity News | The Hacker News

In the digital world, it just takes one click to get the keys to the kingdom. Do you know spear-phishing was the only secret weapon behind the biggest data breach in the history? It's true, as one of the Yahoo employees fell victim to a simple phishing attack and clicked one wrong link that let the hackers gain a foothold in the company's internal networks. You may be familiar with phishing attacks — an attempt to steal user credentials or financial data — while, Spear-phishing is a targeted form of phishing in which attackers trick employees or vendors into providing remote-access credentials or opening a malicious attachment containing an exploit or payload. Here's how the Yahoo's massive data breach was traced back to human error and who were the alleged masterminds behind this hack. On Wednesday, the US government charged two Russian spies (Dmitry Dokuchaev and Igor Sushchin) and two criminal hackers (Alexsey Belan and Karim Baratov) in connection with the 20

The 2014 Yahoo hack disclosed late last year that compromised over 500 million Yahoo user accounts was believed to be carried out by a state-sponsored hacking group. Now, two Russian intelligence officers and two criminal hackers have been charged by the US government in connection with the 2014 Yahoo hack that compromised about 500 million Yahoo user accounts, the Department of Justice announced Wednesday. According to the prosecutors, at least 30 million accounts were accessed as part of a spam campaign to access the email contents of thousands of people, including journalists, government officials, and technology company employees. The four defendants — Two officers from the Russian Federal Security Service (FSB) and two other hackers — are identified as: Dmitry Aleksandrovich Dokuchaev, 33 — an officer in the FSB Center for Information Security at the time of the hack, and now Russian national and resident. Igor Anatolyevich Sushchin, 43 — an FSB officer, a superior

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.