Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
The Enemy Who Is Us: DoD Puts Contractors On Notice For Insider Threats
Newest First  |  Oldest First  |  Threaded View
Marilyn Cohodas
Marilyn Cohodas,
User Rank: Strategist
11/18/2014 | 9:09:29 AM
Re: A good start or too little too late?
Good point. That is at least something....Thx!
firestonea
firestonea,
User Rank: Author
11/18/2014 | 9:07:58 AM
Re: A good start or too little too late?
So as not to conflate POST Snowden with PRE Snowden, it's worth noting that at the very least, internal government networks are being significantly fortified with respect to security in the POST Snowden era.
Marilyn Cohodas
Marilyn Cohodas,
User Rank: Strategist
11/18/2014 | 9:06:10 AM
Re: A good start or too little too late?
I'm actually surprised that in all the hand-wringing and finter-pointing in the wake of the  Edward Snowden leaks, the goverment didn't try to put in place more stringent technical safegards.. I guess that is the nature of bureaucracy..
firestonea
firestonea,
User Rank: Author
11/18/2014 | 8:55:15 AM
Re: A good start or too little too late?
Hi Marilyn,


I think such rules would have been a good start.  However, like most rules of that sort, they are deliberately vague as to implementation details in order to give organizations the maximum amount of flexibility.  I think that prevention of such a data loss would have required very specific technical safeguards to have been in place.  That being said, this rulemaking provides important impetus (and is a great step in overcoming organizational inertia) toward that goal.
Marilyn Cohodas
Marilyn Cohodas,
User Rank: Strategist
11/17/2014 | 10:27:06 AM
A good start or too little too late?
Good article, Adam. But I[m curious. Do you think having insider threat rules in place pre-Snowden could have prevented his leaking of classified NSA docs? 


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Building the SOC of the Future
While an attacker just needs to find one vulnerability to get in to the network, the defender has to look everywhere. Defenders have to identify, disrupt, and stop attacks in the short period of time between when an attacker gets in and causes damage. One way is a security operations center to get that "all the time" coverage. What's Inside: --AI and cybersecurity response --Automation --Proctive threat hunting --Next-gen SIEM
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-3276
PUBLISHED: 2022-10-07
Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.
CVE-2022-41574
PUBLISHED: 2022-10-07
An access-control vulnerability in Gradle Enterprise 2022.4 through 2022.3.1 allows remote attackers to prevent backups from occurring, and send emails with arbitrary text content to the configured installation-administrator contact address, via HTTP access to an accidentally exposed internal endpoi...
CVE-2022-31680
PUBLISHED: 2022-10-07
The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server.
CVE-2022-31681
PUBLISHED: 2022-10-07
VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.
CVE-2022-3275
PUBLISHED: 2022-10-07
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.