Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Cartoon: The Insider Threat
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
saipraneeth
50%
50%
saipraneeth,
User Rank: Apprentice
4/17/2015 | 6:58:46 AM
Re: Social engineering the office party..
nice post
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
12/16/2014 | 11:45:06 AM
Re: It's a small world
That was undoubtedly awkward for both of you. IT communities within a city are typically small and closely knit. I attend several tech conferences every year and I see the same people time and again, albeit sometimes with different companies. Unfortunately, non-IT executives rarely venture into those gatherings and it is difficult for them to network with IT professionals, so they sometimes have to rely on paper qualifications. I know some IT folks who look very good on paper, but somewhat lacking in actual experience. Things have a way of sorting themselves out though, especially in a highly technical field such as IT.
aws0513
50%
50%
aws0513,
User Rank: Ninja
12/16/2014 | 11:33:59 AM
Re: It's a small world
The situation was somewhat less than seredipitous.
From what I learned later, the guy omitted or "embellished" certain details about his work history.
Definitely an awkward situation for my friend.  He was desparate for a security professional leader for the executive team, but found out after the fact that he had possibly hired a lemon.

I told my friend that it was not uncommon for paths to cross in the security industry.  Good security professionals understand and commonly engage the power of human networking and knowledge sharing.
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
12/16/2014 | 10:57:53 AM
Re: It's a small world
Reminds me of that long standing joke about government employees - if you do good work, you are considered invaluable in that position and simply stagnate; but if you screw up, you are removed from the position and then get promoted!
aws0513
100%
0%
aws0513,
User Rank: Ninja
12/15/2014 | 4:00:01 PM
It's a small world
Awhile back, I was attending a small scale IT security symposium.
The first part of the event was a short social time where everyone had bagels and coffee before the first presentation. 

It was shortly into that social time when I ran into a good friend who happened to be an executive for another company in the city where this conference was located.  He wanted to introduce me to his new CISO and sent his administrative assistant to fetch him from somewhere on the other side of the crowded room.

A few moments later, the assistant came back somewhat upset. She mentioned the CISO had to leave in a rush due to some kind of emergency.  My friend was visibly concerned and hoped that we could link up again in the future.  He then told me the name of this new CISO and if I had heard of him before.

When he told me the name of this new CISO, I first had to verify what the guy looked like and finalized that by mentioning the name of this new CISOs wife.  My friend was amazed I knew the guy and asked where we had crossed paths.

Then I proceeded to inform my friend how approximately a year prior I was involved in getting his new CISO released (fired) from a network manager position at another organization we both happened to work for.  The reasons for which I was not at liberty to disclose.

Awkward...
Soozy G. Miller
50%
50%
Soozy G. Miller,
User Rank: Apprentice
12/15/2014 | 1:18:01 PM
for a day
Maybe if it could be stolen for a day and I could be someone else for just that day, it would be cool. Like Madonna. Or Kate Middleton. Or Gwen Stefani. Would I get Gwen's voice along with her identity?
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
12/4/2014 | 12:20:46 AM
Re: Who's stealing from whom?
@ODA155: haha, you flatter me.

Okay, someone with more money, then.  :p
ODA155
50%
50%
ODA155,
User Rank: Ninja
12/3/2014 | 5:28:38 PM
Re: Who's stealing from whom?
@Joe Stanganelli,... Someone "cooler" than you... dude, how is that even possible?
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
12/3/2014 | 10:57:48 AM
Re: Who's stealing from whom?
LOL, Joe. If only it was that simple..
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
12/3/2014 | 1:12:56 AM
Who's stealing from whom?
Sometimes I worry about having my identity stolen.

Then I think that if that ever happened, I could seize the opportunity to take on the identity of someone cooler.
Page 1 / 2   >   >>


NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This is not what I meant by "I would like to share some desk space"
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-1067
PUBLISHED: 2021-01-20
NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the implementation of the RPMB command status, in which an attacker can write to the Write Protect Configuration Block, which may lead to denial of service or escalation of privileges.
CVE-2021-1068
PUBLISHED: 2021-01-20
NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVDEC component, in which an attacker can read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or escalation of privileges.
CVE-2021-1069
PUBLISHED: 2021-01-20
NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVHost function, which may lead to abnormal reboot due to a null pointer reference, causing data loss.
CVE-2020-26252
PUBLISHED: 2021-01-20
OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.6, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to update product data to be able to store an executable file on the server ...
CVE-2020-26278
PUBLISHED: 2021-01-20
Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and enables their automatic discovery. Weave Net before version 2.8.0 has a vulnerability in which can allow an attacker to take over any host in the cluster. Weave Net is suppli...