Comments
Phishing, Whaling & The Surprising Importance Of Privileged Users
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
6/30/2016 | 3:05:40 PM
Re: BYOD
I agree with you. Plus the employee is the perfect compromise point. With their level of access you have the ability to circumvent many security safeguards.
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
6/22/2016 | 7:26:42 AM
BYOD
Some great points here. It's amazing how often major corporations are cracked open when just one employee lets the hackers in. 

However it also continues to raise concerns for me around BYOD policies. It becomes a hell of a lot easier to hack into a network if it is full of devices people take home, leave around and potentially don't secure anywhere near as well as their hardware and software at work.


What We Talk About When We Talk About Risk
Jack Jones, Chairman, FAIR Institute,  7/11/2018
Ticketmaster Breach Part of Massive Payment Card Hacking Campaign
Jai Vijayan, Freelance writer,  7/10/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14072
PUBLISHED: 2018-07-15
libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c.
CVE-2018-14073
PUBLISHED: 2018-07-15
libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.
CVE-2018-14068
PUBLISHED: 2018-07-15
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add.
CVE-2018-14069
PUBLISHED: 2018-07-15
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add.
CVE-2018-14066
PUBLISHED: 2018-07-15
The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. One consequence is that an application without the READ_SMS permission can read SMS messages. This affects Infinix X571 phones, as well as various Lenovo p...