Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Name That Toon: The Advanced Persistent Threat
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 4 / 7   >   >>
jrig1842
0%
100%
jrig1842,
User Rank: Strategist
3/27/2019 | 7:36:37 AM
Quick
Better call Saul.....er Aquaman!
PanamaVet
100%
0%
PanamaVet,
User Rank: Strategist
3/26/2019 | 8:52:08 AM
End Factor Authentication
Incorrect password, you have one second to click on all pictures with a traffic signal...
katchootoo
100%
0%
katchootoo,
User Rank: Apprentice
3/25/2019 | 3:59:13 PM
Incognito Tab Fail
Bob, I told you incognito mode doesn't protect on those sites.  Now I have to call IT, HR and animal control to clean up your mess.
mholm971
100%
0%
mholm971,
User Rank: Apprentice
3/24/2019 | 1:54:19 AM
Re: The Attack Of The Octopus.
Must be an security incident. IT has released the Kraken again...
mholm971
50%
50%
mholm971,
User Rank: Apprentice
3/24/2019 | 1:52:03 AM
Re: The Attack Of The Octopus.
Mist be a security incident.It has released the kraken again...
drmrs
0%
100%
drmrs,
User Rank: Strategist
3/22/2019 | 10:16:50 AM
The Attack Of The Octopus.
Well, at least it isn't Mobby Dick!
jmgutierrezjr
100%
0%
jmgutierrezjr,
User Rank: Apprentice
3/21/2019 | 6:55:05 PM
Catoon Contest
That's what happens when you don't read the EULA Karen!
cdunn355
100%
0%
cdunn355,
User Rank: Strategist
3/21/2019 | 5:09:31 PM
Password what?
Oh, password cracker! I thought you said you needed a password kraken!
jpappe
100%
0%
jpappe,
User Rank: Apprentice
3/21/2019 | 3:43:48 PM
Bento No-No
Nancy's got to stop using the WiFi at Kyosho. Seems she's brought that new IKA worm back in her bento.
TheVampireO
100%
0%
TheVampireO,
User Rank: Strategist
3/21/2019 | 2:35:22 PM
Underwater
WoW! When the CFO siad we were underwater, I had no idea it was this bad...
<<   <   Page 4 / 7   >   >>


NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Hunny, I looked every where for the dorritos. 
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8567
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods.
CVE-2020-8568
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. This includes paths under var/lib/kubelet/pods that conta...
CVE-2020-8569
PUBLISHED: 2021-01-21
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes, ...
CVE-2020-8570
PUBLISHED: 2021-01-21
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process executi...
CVE-2020-8554
PUBLISHED: 2021-01-21
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typicall...