Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Name That Toon: SOC Puppets
Threaded  |  Newest First  |  Oldest First
danielcummins
25%
75%
danielcummins,
User Rank: Apprentice
9/16/2019 | 8:02:33 AM
name that toon entry
Ever since his cryptography class, he's been obsessed with Alice and Bob.
bbbarrier
0%
100%
bbbarrier,
User Rank: Apprentice
9/16/2019 | 2:24:43 PM
Puppet show exploit
New social engineering technique spotted in the wild. 

 

-bbbarrier

 

 
StephenP787
75%
25%
StephenP787,
User Rank: Strategist
9/16/2019 | 2:56:19 PM
Re: Write a Caption, Win a Prize
This is not what I had expected when we discussed preparing for the upcoming SOC 2 Assessment.
DarkReading24
20%
80%
DarkReading24,
User Rank: Apprentice
9/17/2019 | 7:49:40 AM
Hijacked
Someone hijacked Tim's streaming accounts over the weekend. Even if he somehow gets control again, I think the damage has already been done.
reg2385
25%
75%
reg2385,
User Rank: Strategist
9/17/2019 | 11:28:04 AM
Cartoon contest
Since they removed my side cube wall, I feel like i am under survellance.
jd.daniels
40%
60%
jd.daniels,
User Rank: Apprentice
9/19/2019 | 1:10:29 PM
Creepy
Can we make sure my computer's camera is off? I feel like I am being watched.
vantag
20%
80%
vantag,
User Rank: Apprentice
9/20/2019 | 9:32:19 AM
Re: Write a Caption, Win a Prize
"He's too shy to invite me out face to face!"
Hazbro
0%
100%
Hazbro,
User Rank: Apprentice
9/22/2019 | 5:13:13 AM
Cartoon Caption Contest
I wish they'd put a sock in it.
thekob96
25%
75%
thekob96,
User Rank: Apprentice
9/25/2019 | 2:24:04 PM
First day on the job
I don't want to alarm you... but being that you are the first female software engineer that our company has hired...?  You might find that there are those within your department who are a little curious about your presence here.
harrismc
50%
50%
harrismc,
User Rank: Apprentice
9/25/2019 | 2:29:22 PM
Soc puppets
That is not what I had in mind when we asked for a  2 SOC assessment
Doubleton
0%
100%
Doubleton,
User Rank: Apprentice
9/26/2019 | 8:30:42 AM
Identity theft.
His resume said "Identity Theft Expert."
jojoh
67%
33%
jojoh,
User Rank: Apprentice
9/26/2019 | 3:45:04 PM
Monitor This
It appears our SOC monitoring tools are up and running.
packetnarc
0%
100%
packetnarc,
User Rank: Strategist
9/27/2019 | 11:57:22 AM
Sock Puppet Social Engineer
Our new Social Engineering campaign sure has brought Allen out of his shell. I just hope he washed them first.
amaguhn
25%
75%
amaguhn,
User Rank: Strategist
10/1/2019 | 7:49:25 AM
Security Training
The security training budget has been hit hard this year.
archeanchaos
25%
75%
archeanchaos,
User Rank: Apprentice
10/2/2019 | 3:18:03 PM
Re: Write a Caption, Win a Prize
George asked for advice on social engineering techniques. I told him the best methods involve something you know.
matthewkmiller
25%
75%
matthewkmiller,
User Rank: Strategist
10/7/2019 | 1:29:16 PM
SOC Sock Puppets
The executive spoof training technique needed work.
matthewkmiller
33%
67%
matthewkmiller,
User Rank: Strategist
10/7/2019 | 1:31:41 PM
SOC Sock Puppets
The new hire misunderstood the job description for the SOC position.
havancourt
33%
67%
havancourt,
User Rank: Apprentice
10/7/2019 | 4:31:35 PM
caption - The auditors are performing a SOX review
The auditors are performing a SOX review
mikeoke_2k4
0%
100%
mikeoke_2k4,
User Rank: Strategist
10/8/2019 | 8:52:19 AM
SOC Puppets
Billy denied the rumour that outsourcing their SIEM to a third party would turn the Security department into SOC Puppets
maramtunis
0%
100%
maramtunis,
User Rank: Apprentice
10/9/2019 | 10:07:30 AM
SOC puppets
Do you SMELLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL the SOX coming! ( Only in WWE restling voice)
maramtunis
0%
100%
maramtunis,
User Rank: Apprentice
10/9/2019 | 10:08:12 AM
SOC puppets
Do you SMELLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL the SOX coming! ( Only in WWE restling voice)
Boiler95
25%
75%
Boiler95,
User Rank: Apprentice
10/10/2019 | 4:07:55 PM
SOC (Summer of Code)
"I don't think Jimmy understands what the Summer of Code is."
Hudey123
50%
50%
Hudey123,
User Rank: Apprentice
10/11/2019 | 11:28:27 AM
SOC Puppets caption:
We hired him because his resume said he had expert level Puppet skills. We're waiting for lunch so he can show off his Chef skills before HR starts the termination process.
underestimatess
50%
50%
underestimatess,
User Rank: Apprentice
10/16/2019 | 1:23:18 PM
Sock Puppet Cartoon Contest
Day 34: They still haven't noticed we replaced the entire SOC with socks.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-42258
PUBLISHED: 2021-10-22
BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation. SQL injection can, for example, use the txtID (aka username) parameter. Successful exploitation can include ...
CVE-2020-28968
PUBLISHED: 2021-10-22
Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username input field.
CVE-2020-28969
PUBLISHED: 2021-10-22
Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via a crafted PDF file.
CVE-2020-36485
PUBLISHED: 2021-10-22
Portable Ltd Playable v9.18 was discovered to contain an arbitrary file upload vulnerability in the filename parameter of the upload module. This vulnerability allows attackers to execute arbitrary code via a crafted JPEG file.
CVE-2020-36486
PUBLISHED: 2021-10-22
Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling.