RSS_Virtulization

Data breach incidents reported to the UK’s financial regulator dropped by nearly a third from 2019 to 2020, although experts claim this is far from an accurate picture of the current threat landscape. Governance and risk firm Kroll requested Freedom of Information (FoI) data from the Financial Conduct Authority (FCA) to better understand the level of cyber-breach activity in the sector. However, the data received, a 30% year-on-year drop in reported breaches to just 76 in…

A security researcher has discovered several issues with the software used by exercise equipment maker Peloton, which may have leaked sensitive customer information to unauthenticated users. Pen Test Partners explained in a new blog post that the problem could be traced back to unauthenticated API endpoints, which could have allowed hackers to interrogate  information on all users. Among the potentially exposed data was user and instructor IDs, group membership, location, workout stats, gender and age,…

Mt. San Rafael Hospital thwarted a ransomware attack on one of its sister facilities earlier this year before anything could be compromised. The organization is still working through the details of the hack, says CIO Michael Archuleta, whose hospital is part of the BridgeCare Health Network, which includes five hospitals in Colorado. “It could have been a bad issue if we didn’t have the automation and intelligence to catch and stop it,” says Archuleta. The…

Join host Peter McKee and Python wizard Michael Kennedy for a warts-and-all demo of how to Dockerize a Python app using FastAPI, a popular Python framework. Kennedy is a developer and entrepreneur, and the founder and host of two successful Python podcasts — Talk Python To Me and Python Bytes. He’s also a Python Software Foundation Fellow. With some skillful back-seat driving by McKee, Kennedy shows how to build a bare-bones web API — in…

McAfee Soars with Superior Protection Results    Bottom Line: McAfee stopped the MITRE ATT&CK Evaluation Carbanak and FIN7 threats in their tracks within the first 15% of the major steps of the attack chain (on average), delivering on a critical security operations center (SOC) strategy: Stop the attack as early as possible.   In April 2021, MITRE Engenuity released the results of the Carbanak and FIN7 evaluations that leveraged Tactics, Techniques, and Procedures (TTP’s) from the MITRE ATT&CK framework. McAfee and 28 other vendors tested the capabilities of…

A survey from Blackberry finds that IT departments are worried about unpatched devices connecting to corporate networks as offices reopen. Security professionals are bracing for the next phase of the remote work reality: personal devices coming back into the office and bringing along all the associated security risks. A new survey from Blackberry found that many IT teams are planning to quarantine laptops for scans and patching before allowing them to reconnect to the network….

American multinational computer technology giant Dell addresses a 12-year-old driver flaw, tracked as CVE-2021-21551, impacting millions of computers. Hundreds of millions of Dell computers worldwide are affected by a 12-year-old vulnerability, tracked as CVE-2021-21551, that affects Dell DBUtil driver. The flaw affects version 2.3 of the Dell BIOS driver, it is one of a series of escalate privileges issues discovered by researchers from SentinelLabs. The vulnerabilities could be exploited by attackers to access driver functions and…