Cloud

1/8/2018
02:00 PM
John Klossner
John Klossner
Cartoon Contest
100%
0%

Cartoon: C-Suite & Cybersecurity

John Klossner has been drawing technology cartoons for more than 15 years. His work regularly appears in Computerworld and Federal Computer Week. His illustrations and cartoons have also been published in The New Yorker, Barron's, and The Wall Street Journal. Web site: ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Manon.
50%
50%
Manon.,
User Rank: Apprentice
2/2/2018 | 2:13:24 AM
Not without a reason, Mr. X. I assure you.
Mr. X: I hereby present you a fail-safe security model, which failed to strike in the minds of our rapidly growing competitor!

Manager: Not without a reason, Mr. X. I assure you, it was not without a reason.
ebyjeeby
50%
50%
ebyjeeby,
User Rank: Strategist
1/25/2018 | 1:04:21 PM
caption
All the security that's in the budget!
ak25455
50%
50%
ak25455,
User Rank: Apprentice
1/23/2018 | 5:19:53 PM
Re: C-suite and Cybersecurity
..and to demonstrate separation of duties within our security department....
Joe Stanganelli
0%
100%
Joe Stanganelli,
User Rank: Ninja
1/22/2018 | 10:22:06 PM
Centralization
I suspect that different approach will involve a six-armed guy doing all three motions -- lest any insight be observed accidentally!
Kristendean80
100%
0%
Kristendean80,
User Rank: Strategist
1/18/2018 | 11:52:23 AM
Re: C-Suite & Cybersecurity
Information Security is a top priority at this company. We've done a lot of stupid things we would like to keep secret.
cynrgy
67%
33%
cynrgy,
User Rank: Strategist
1/17/2018 | 3:47:34 PM
Re: C-Suite & Cybersecurity
We have adopted a three-pronged approach to pc security.  Thus far no one has seen, heard, or spoken of any problems relating to it so it must be affective.
sharrondhuga
50%
50%
sharrondhuga,
User Rank: Apprentice
1/17/2018 | 11:43:35 AM
amazing
amazing
cybersavior
50%
50%
cybersavior,
User Rank: Strategist
1/17/2018 | 8:45:46 AM
Rather....
Equifax's Simian Army
GWAIN
50%
50%
GWAIN,
User Rank: Strategist
1/16/2018 | 1:25:49 PM
Threat vs Risk
We have presented legacy and emerging threats.  Let me introduce you to how the business is dealing with the risk.
InfoSecurityMaster
50%
50%
InfoSecurityMaster,
User Rank: Strategist
1/16/2018 | 12:03:53 PM
Barrel of Monkeys
...so, any questions on how to brief The Board on information security?
Page 1 / 2   >   >>
12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer,  10/12/2018
Most IT Security Pros Want to Change Jobs
Dark Reading Staff 10/12/2018
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.
CVE-2018-18375
PUBLISHED: 2018-10-16
goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data (name, number, username, and password) via the rand parameter.
CVE-2018-18376
PUBLISHED: 2018-10-16
goform/getWlanClientInfo in Orange AirBox Y858_FL_01.16_04 allows remote attackers to discover information about currently connected devices (hostnames, IP addresses, MAC addresses, and connection time) via the rand parameter.