Sources familiar with the effects of last year’s ransomware attack on Suffolk
County in the state of New York say the incident has forced government officials
to spend in excess of $16 million on recovery efforts.

Hackers initially penetrated Suffolk’s computer system on Dec. 19, 2021. As
reported by the NY Times
[https://www.nytimes.com/2022/12/21/nyregion/suffolk-county-cyberattack.html],
the attackers made their way in by exploiting a flaw in “an obscure but
commonplace piece of software” vi

In a revealing development, a newly launched hacking forum named ‘Exposed’ has
publicly leaked a substantial database from the infamous RaidForums. The
disclosure will bring unprecedented insights into the members of the hacking
community for both cybercriminals and security researchers.

RaidForums, a notorious hub for hackers who would freely share stolen data to
bolster their reputation, was seized in April 2022 in an international
operation, which also led to the arrest of its administrator,

Finding qualified staff to replace vacancies or build out an expanding team can be a nightmare for already overburdened CISOs, especially given there’s a pernicious and ongoing shortage of skilled cybersecurity workers in the job market. One creative alternative to frustratedly trolling job-search sites is to look inward, rather than outward — to find capable, smart people already working at a company in other areas and train them to fill roles on the cyber team.

There are many benefits to upskilling over hiring anew: current employees don’t need to adjust to the corporate culture, they have institutional memory, they have relationships within the company, and they’re already in the human resources channel. The downside is their lack of training and certification — but that’s a small price to pay for gaining a talented team member.

To read this article in full, please click here

Ask anyone what they expect from their home router, and they’ll always mention
speed, coverage, dependability, and security. With more connected devices than
ever and a growing need for bandwidth and speed, it’s easy to see why WI-FI
routers have become the heart of every modern home.

But as digital needs change and the smart home keeps growing around us, 4K/8K
video streaming, video calls, collaborative tools, interactive gaming, and VR
applications, which often run at the same time, continue

Researchers devised an attack technique, dubbed BrutePrint Attack, that allows brute-forcing fingerprints on smartphones to bypass authentication. Researchers have devised an attack technique, dubbed BrutePrint, that allows to brute-force fingerprints on smartphones to bypass user authentication. The attack technique exploits two zero-day vulnerabilities, called Cancel-After-Match-Fail (CAMF) and Match-After-Lock (MAL), in the smartphone fingerprint authentication (SFA) […]

The post BrutePrint Attack allows to unlock smartphones with brute-forcing fingerprint appeared first on Security Affairs.

A new open source remote access trojan (RAT) called DogeRAT targets Android users primarily located in India as part of a sophisticated malware campaign.
The malware is distributed via social media and messaging platforms under the guise of legitimate applications like Opera Mini, OpenAI ChatGOT, and Premium versions of YouTube, Netflix, and Instagram.
“Once installed on a victim’s device, the

Managed Care of North America (MCNA) Dental disclosed a data breach that impacted more than 8.9 million individuals. Managed Care of North America (MCNA) Dental suffered a data breach that impacted 8,923,662 patients. MCNA Dental is one of the largest US dental care and oral health insurance providers. The security breach exposed the personal information […]

The post Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals appeared first on Security Affairs.