Author: Admin

On world password day, data from Onfido serves as a reminder that most people don’t follow password recommendations, probably never will, and that means it’s time to find a new security standard. Image: Getty Images/iStockphoto World password day 2021 is upon us, serving as yet another reminder to use unique passwords, update those that may be compromised and practice good password hygiene. If new data from Onfido is accurate, however, most of us have no…

Data breach incidents reported to the UK’s financial regulator dropped by nearly a third from 2019 to 2020, although experts claim this is far from an accurate picture of the current threat landscape. Governance and risk firm Kroll requested Freedom of Information (FoI) data from the Financial Conduct Authority (FCA) to better understand the level of cyber-breach activity in the sector. However, the data received, a 30% year-on-year drop in reported breaches to just 76 in…

A security researcher has discovered several issues with the software used by exercise equipment maker Peloton, which may have leaked sensitive customer information to unauthenticated users. Pen Test Partners explained in a new blog post that the problem could be traced back to unauthenticated API endpoints, which could have allowed hackers to interrogate  information on all users. Among the potentially exposed data was user and instructor IDs, group membership, location, workout stats, gender and age,…

Mt. San Rafael Hospital thwarted a ransomware attack on one of its sister facilities earlier this year before anything could be compromised. The organization is still working through the details of the hack, says CIO Michael Archuleta, whose hospital is part of the BridgeCare Health Network, which includes five hospitals in Colorado. “It could have been a bad issue if we didn’t have the automation and intelligence to catch and stop it,” says Archuleta. The…

Join host Peter McKee and Python wizard Michael Kennedy for a warts-and-all demo of how to Dockerize a Python app using FastAPI, a popular Python framework. Kennedy is a developer and entrepreneur, and the founder and host of two successful Python podcasts — Talk Python To Me and Python Bytes. He’s also a Python Software Foundation Fellow. With some skillful back-seat driving by McKee, Kennedy shows how to build a bare-bones web API — in…

McAfee Soars with Superior Protection Results    Bottom Line: McAfee stopped the MITRE ATT&CK Evaluation Carbanak and FIN7 threats in their tracks within the first 15% of the major steps of the attack chain (on average), delivering on a critical security operations center (SOC) strategy: Stop the attack as early as possible.   In April 2021, MITRE Engenuity released the results of the Carbanak and FIN7 evaluations that leveraged Tactics, Techniques, and Procedures (TTP’s) from the MITRE ATT&CK framework. McAfee and 28 other vendors tested the capabilities of…