Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Name That Toon: End User Lockdown
Newest First  |  Oldest First  |  Threaded View
Page 1 / 6   >   >>
syekim13
100%
0%
syekim13,
User Rank: Strategist
6/6/2019 | 11:12:59 AM
Job Security
Job Security
Koalaking
50%
50%
Koalaking,
User Rank: Strategist
6/6/2019 | 11:10:42 AM
New Person
The new person the hired has gone a bit too far....
rfarnl
50%
50%
rfarnl,
User Rank: Strategist
6/6/2019 | 9:39:57 AM
My request for a day off has been denied
My request for a day off was denied
tharmsen
50%
50%
tharmsen,
User Rank: Apprentice
6/5/2019 | 3:56:32 AM
Privileged Account Management
Our security team are taking accountability a bit far?
mroberts1161
100%
0%
mroberts1161,
User Rank: Strategist
6/3/2019 | 10:09:34 AM
Name That Toon: End User Lockdown
Audit day? What gave it away?
Kristendean80
50%
50%
Kristendean80,
User Rank: Strategist
6/3/2019 | 9:22:50 AM
Locked out
I dont always type my password wrong, but when I do, I make sure to repeat it until Im locked out!
acampbell448
50%
50%
acampbell448,
User Rank: Strategist
5/30/2019 | 9:23:43 AM
Pentest coming!
I think we are ready now for the pentesters to come on site!
isolovey
50%
50%
isolovey,
User Rank: Apprentice
5/29/2019 | 3:09:30 PM
Cartoon Caption: PadLock
Ransomware is getting out of control
rootbid
50%
50%
rootbid,
User Rank: Apprentice
5/28/2019 | 1:54:05 PM
Solidity
Client-side security.
Blaze007
100%
0%
Blaze007,
User Rank: Strategist
5/28/2019 | 1:34:19 PM
Security Posture
"So this is what those Security folk mean when they talk about improving our security posture! I gotta hand it to them, I've never had better neck support!"
Page 1 / 6   >   >>


Tor Weaponized to Steal Bitcoin
Dark Reading Staff 10/18/2019
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
State of SMB Insecurity by the Numbers
Ericka Chickowski, Contributing Writer,  10/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18387
PUBLISHED: 2019-10-23
Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the id parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details.
CVE-2019-18212
PUBLISHED: 2019-10-23
XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal.
CVE-2019-18213
PUBLISHED: 2019-10-23
XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF (as well as SMB connection initiation that can lead to NetNTLM challenge/response cap...
CVE-2019-18384
PUBLISHED: 2019-10-23
An issue was discovered on TerraMaster FS-210 4.0.19 devices. An authenticated remote non-administrative user can read unauthorized shared files, as demonstrated by the filename=*public*%25252Fadmin_OnlyRead.txt substring.
CVE-2019-18385
PUBLISHED: 2019-10-23
An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unauthenticated attacker can download log files via the include/makecvs.php?Event= substring.