Comments
Hiring Outside the Box in Cybersecurity
Newest First  |  Oldest First  |  Threaded View
kbrown6729@gmail.com
100%
0%
[email protected],
User Rank: Apprentice
12/1/2017 | 8:32:50 PM
Can I Use Your Article In My Upcoming Job Hunt?
Thanks so much, Ms. Safran, great article.  As a longtime network admin attempting to re-invent herself into a security professional, it has occurred to me also that hiring managers would do well to broaden their scope a bit if they truly want to abate the current security talent shortage (and if they'd like to secure their networks as quickly as possible too).  A well-rounded person with the right approach and hard work, may be just as good an answer to the problem as that elusive 'top notch talent'.  I may not bring a copy of this to interviews, but I'll certainly keep its points in mind as I talk with potential employers!  
KSRNC
50%
50%
KSRNC,
User Rank: Apprentice
11/9/2017 | 2:48:10 PM
Sounds Promising
I just hope more organizations are more willing to seriously consider "nontraditional" candidates moving forward.


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
The Data Security Landscape Is Shifting: Is Your Company Prepared?
Francis Dinha, CEO & Co-Founder of OpenVPN,  8/13/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-13435
PUBLISHED: 2018-08-16
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcode authentication. NOTE: the vendor indicates that this is not an attack of interest w...
CVE-2018-13446
PUBLISHED: 2018-08-16
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. ...
CVE-2018-14567
PUBLISHED: 2018-08-16
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.
CVE-2018-15122
PUBLISHED: 2018-08-16
An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object (such as DLL or EXE) with an embedded resource file by clicking on the resource.
CVE-2018-11509
PUBLISHED: 2018-08-16
ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and password as it does for the NAS itself for applications that are installed from the online repository. This may allow an attacker to login and upload a webshell.