Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Cartoon Contest: Second Wind
Oldest First  |  Newest First  |  Threaded View
Page 1 / 2   >   >>
abbyross
0%
100%
abbyross,
User Rank: Strategist
10/3/2019 | 11:46:33 AM
The unconventional patch
Bob: "I alerted the Board that we are vulnerable to Meltdown."

 
blightsey3921
0%
100%
blightsey3921,
User Rank: Strategist
10/3/2019 | 11:47:57 AM
buzzword buzz
Have you noticed that when the Boss comes around spouting the latest buzzwords we get a real voltage surge here ?
ddmclamb
0%
100%
ddmclamb,
User Rank: Apprentice
10/3/2019 | 3:30:15 PM
My feet
My feet are so tired. Wouldn't it be easier if we let the wind turn those things?
Tempest2004
0%
100%
Tempest2004,
User Rank: Black Belt
10/5/2019 | 6:30:50 PM
Second Wind
They were installed to replace the backup generator, forgetting the windows don't open.
Hyznbrg
100%
0%
Hyznbrg,
User Rank: Strategist
10/10/2019 | 1:48:11 PM
Executive Suite
I believe they would be much more effective if installed in the executive suite
mstrmac
0%
100%
mstrmac,
User Rank: Apprentice
10/10/2019 | 4:23:45 PM
Telework
I regret skimming over the telework agreement.
BCURTIS581
67%
33%
BCURTIS581,
User Rank: Apprentice
10/11/2019 | 1:48:01 PM
Mergers
Now that the merger of the cubicle farm with the wind farm is compelte I hear that there are plans to merge with the dairy farm.
jevans1230
75%
25%
jevans1230,
User Rank: Strategist
10/16/2019 | 6:18:00 PM
Disaster Recovery
I've heard of using alternative power sources for Disaster Recovery but this is ridiculous. 
ianrod
0%
100%
ianrod,
User Rank: Strategist
10/28/2019 | 12:59:48 PM
Cloud's biggest fans
I guess managment really is all in on the cloud solution.  They are their biggest fans.
kratiw
0%
100%
kratiw,
User Rank: Strategist
10/31/2019 | 12:19:52 PM
Red Team Simulation
There's the Red Team again, tilting at windmills.
Page 1 / 2   >   >>


Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Active Directory Needs an Update: Here's Why
Raz Rafaeli, CEO and Co-Founder at Secret Double Octopus,  1/16/2020
New Attack Campaigns Suggest Emotet Threat Is Far From Over
Jai Vijayan, Contributing Writer,  1/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
How Enterprises are Attacking the Cybersecurity Problem
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5216
PUBLISHED: 2020-01-23
In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.9.0, 5.2.0, and 6.3.0. If user-supplied input was passed into append/override_content_security_policy_directives, a newline could be injected leading to limited header injection. Upon seei...
CVE-2020-5217
PUBLISHED: 2020-01-23
In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0. If user-supplied input was passed into append/override_content_security_policy_directives, a semicolon could be injected leading to directive injection. This could b...
CVE-2020-5223
PUBLISHED: 2020-01-23
In PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2, a persistent XSS attack is possible. Under certain conditions, a user provided attachment file name can inject HTML leading to a persistent Cross-site scripting (XSS) vulnerability. The vulnerability has been fixed in PrivateBin v1.3...
CVE-2019-20399
PUBLISHED: 2020-01-23
A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack.
CVE-2020-7915
PUBLISHED: 2020-01-22
An issue was discovered on Eaton 5P 850 devices. The Ubicacion SAI field allows XSS attacks by an administrator.