Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

11/26/2014
10:00 AM
John Klossner
John Klossner
Cartoon Contest
100%
0%

Cartoon: The Insider Threat

John Klossner has been drawing technology cartoons for more than 15 years. His work regularly appears in Computerworld and Federal Computer Week. His illustrations and cartoons have also been published in The New Yorker, Barron's, and The Wall Street Journal. Web site: ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
saipraneeth
50%
50%
saipraneeth,
User Rank: Apprentice
4/17/2015 | 6:58:46 AM
Re: Social engineering the office party..
nice post
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
12/16/2014 | 11:45:06 AM
Re: It's a small world
That was undoubtedly awkward for both of you. IT communities within a city are typically small and closely knit. I attend several tech conferences every year and I see the same people time and again, albeit sometimes with different companies. Unfortunately, non-IT executives rarely venture into those gatherings and it is difficult for them to network with IT professionals, so they sometimes have to rely on paper qualifications. I know some IT folks who look very good on paper, but somewhat lacking in actual experience. Things have a way of sorting themselves out though, especially in a highly technical field such as IT.
aws0513
50%
50%
aws0513,
User Rank: Ninja
12/16/2014 | 11:33:59 AM
Re: It's a small world
The situation was somewhat less than seredipitous.
From what I learned later, the guy omitted or "embellished" certain details about his work history.
Definitely an awkward situation for my friend.  He was desparate for a security professional leader for the executive team, but found out after the fact that he had possibly hired a lemon.

I told my friend that it was not uncommon for paths to cross in the security industry.  Good security professionals understand and commonly engage the power of human networking and knowledge sharing.
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
12/16/2014 | 10:57:53 AM
Re: It's a small world
Reminds me of that long standing joke about government employees - if you do good work, you are considered invaluable in that position and simply stagnate; but if you screw up, you are removed from the position and then get promoted!
aws0513
100%
0%
aws0513,
User Rank: Ninja
12/15/2014 | 4:00:01 PM
It's a small world
Awhile back, I was attending a small scale IT security symposium.
The first part of the event was a short social time where everyone had bagels and coffee before the first presentation. 

It was shortly into that social time when I ran into a good friend who happened to be an executive for another company in the city where this conference was located.  He wanted to introduce me to his new CISO and sent his administrative assistant to fetch him from somewhere on the other side of the crowded room.

A few moments later, the assistant came back somewhat upset. She mentioned the CISO had to leave in a rush due to some kind of emergency.  My friend was visibly concerned and hoped that we could link up again in the future.  He then told me the name of this new CISO and if I had heard of him before.

When he told me the name of this new CISO, I first had to verify what the guy looked like and finalized that by mentioning the name of this new CISOs wife.  My friend was amazed I knew the guy and asked where we had crossed paths.

Then I proceeded to inform my friend how approximately a year prior I was involved in getting his new CISO released (fired) from a network manager position at another organization we both happened to work for.  The reasons for which I was not at liberty to disclose.

Awkward...
Soozy G. Miller
50%
50%
Soozy G. Miller,
User Rank: Apprentice
12/15/2014 | 1:18:01 PM
for a day
Maybe if it could be stolen for a day and I could be someone else for just that day, it would be cool. Like Madonna. Or Kate Middleton. Or Gwen Stefani. Would I get Gwen's voice along with her identity?
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
12/4/2014 | 12:20:46 AM
Re: Who's stealing from whom?
@ODA155: haha, you flatter me.

Okay, someone with more money, then.  :p
ODA155
50%
50%
ODA155,
User Rank: Ninja
12/3/2014 | 5:28:38 PM
Re: Who's stealing from whom?
@Joe Stanganelli,... Someone "cooler" than you... dude, how is that even possible?
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
12/3/2014 | 10:57:48 AM
Re: Who's stealing from whom?
LOL, Joe. If only it was that simple..
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
12/3/2014 | 1:12:56 AM
Who's stealing from whom?
Sometimes I worry about having my identity stolen.

Then I think that if that ever happened, I could seize the opportunity to take on the identity of someone cooler.
Page 1 / 2   >   >>
10 Ways to Keep a Rogue RasPi From Wrecking Your Network
Curtis Franklin Jr., Senior Editor at Dark Reading,  7/10/2019
The Security of Cloud Applications
Hillel Solow, CTO and Co-founder, Protego,  7/11/2019
Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Jim, stop pretending you're drowning in tickets."
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-1575
PUBLISHED: 2019-07-16
Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier may allow for an authenticated user with read-only privileges to extract the API key of the device and/or the username/password from the XML API (in PAN-OS) and p...
CVE-2019-1576
PUBLISHED: 2019-07-16
Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user?s permissions.
CVE-2018-19629
PUBLISHED: 2019-07-16
A Denial of Service vulnerability in the ImageNow Server service in Hyland Perceptive Content Server before 7.1.5 allows an attacker to crash the service via a TCP connection.
CVE-2019-10100
PUBLISHED: 2019-07-16
Quake3e < 5ed740d is affected by: Buffer Overflow. The impact is: Possible code execution and denial of service. The component is: Argument string creation.
CVE-2019-10100
PUBLISHED: 2019-07-16
UPX 3.95 is affected by: Integer Overflow. The impact is: attacker can cause a denial of service. The component is: src/p_lx_elf.cpp PackLinuxElf32::PackLinuxElf32help1() Line 262. The attack vector is: the victim must open a specially crafted ELF file.