Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Cartoon: The Cyber Mindset
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
JohnM217
100%
0%
JohnM217,
User Rank: Strategist
5/8/2019 | 6:17:44 PM
Re: Cyber Mindset
I guess Bob is trying to prevent a possible back-door attack.
Tempest2004
50%
50%
Tempest2004,
User Rank: Strategist
4/26/2019 | 3:20:24 PM
Cyber Mindset
That must be Joe, the new Physical Security manager.
jrig1842
50%
50%
jrig1842,
User Rank: Strategist
4/17/2019 | 7:25:47 AM
What About "Up"?
Bill just doesn't realize it's more than a 2 dimensional world.
PanamaVet
33%
67%
PanamaVet,
User Rank: Strategist
4/12/2019 | 8:36:53 AM
Tentacles
Joe got PTSD from the Octopus prank last week.
Ratteau
50%
50%
Ratteau,
User Rank: Strategist
4/10/2019 | 9:15:56 AM
Not quite
I see acquisitions got Bill's request for a sandbox to test out his code.
acampbell448
67%
33%
acampbell448,
User Rank: Strategist
4/9/2019 | 9:32:36 AM
Walled Garden
I know Apple users love thier walled garden, but don't you think this is a bit too far?
Ratteau
100%
0%
Ratteau,
User Rank: Strategist
4/9/2019 | 8:58:38 AM
Im out
I'm updating my resume tonight.  I heard him talking to a plumber earlier.
Deadsnott
50%
50%
Deadsnott,
User Rank: Strategist
4/9/2019 | 7:07:29 AM
New Cartoon from John Klossner....
"Remind me to send that memo about breaking down silos."
CWPS
50%
50%
CWPS,
User Rank: Strategist
4/8/2019 | 10:03:43 AM
Re: New Cartoon from John Klossner....
He wanted a roof too but HR wouldn't approve it as a "workplace accomodation"
CWPS
50%
50%
CWPS,
User Rank: Strategist
4/8/2019 | 9:28:38 AM
Re: New Cartoon from John Klossner....
In the summer he fills it with water and invites everyone to the pool party.
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/1/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13757
PUBLISHED: 2020-06-01
Python-RSA 4.0 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing exces...
CVE-2020-13758
PUBLISHED: 2020-06-01
modules/security/classes/general.post_filter.php/post_filter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload.
CVE-2020-9291
PUBLISHED: 2020-06-01
An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a local user to gain elevated privileges via exhausting the pool of temporary file names combined with a symbolic link attack.
CVE-2019-15709
PUBLISHED: 2020-06-01
An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI.
CVE-2020-13695
PUBLISHED: 2020-06-01
In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user has sudo privileges to execute grep as root without a password, which allows an attacker to obtain sensitive information via a grep of a /root/*.db or /etc/shadow file.