Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Name That Toon: Naughty or Nice
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 11   >   >>
gcfulcher
100%
0%
gcfulcher,
User Rank: Apprentice
1/4/2017 | 10:18:37 AM
Re: Pending Review
Bah! Codebug!
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
1/4/2017 | 8:55:15 AM
Re: Caption for Naught or Nice
Caption contest is coming to a close! But you still have time to submit something and win an Amazon gift card!

 
PaulV236
50%
50%
PaulV236,
User Rank: Apprentice
1/3/2017 | 6:46:10 PM
Caption for Naught or Nice
"Our new User & Entity Behavioral Analytics Expert keeps yelling "Naughty!" at the screen .. " 
CarolS570
50%
50%
CarolS570,
User Rank: Apprentice
12/31/2016 | 12:47:02 PM
Name that Toon Redux
"Looks like the red team won again."
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
12/31/2016 | 12:46:02 PM
r
"They just moved his office from the roof."
CarolS570
50%
50%
CarolS570,
User Rank: Apprentice
12/31/2016 | 12:44:03 PM
Name that Toon
Social Engineering:1   Physical Security: 0
benn3012
50%
50%
benn3012,
User Rank: Strategist
12/29/2016 | 10:23:30 AM
Hating Change
I was happier when we made toys and the big guy wasn't in the workshop.
musclemachines7
50%
50%
musclemachines7,
User Rank: Apprentice
12/28/2016 | 11:14:13 AM
Naughty or Nice
Hey Alice, download all Santas passcodes, and codes on all electronic gifts. 

Sure Mr Snowden getting right on it!
shineab321
50%
50%
shineab321,
User Rank: Apprentice
12/28/2016 | 6:59:09 AM
Naughty or Nice
A: Hey buddy, who is codding for you?

B: It's (my) secret (santa).
shineab321
50%
50%
shineab321,
User Rank: Apprentice
12/28/2016 | 6:59:09 AM
Naughty or Nice
A: Hey buddy, who is codding for you?

B: It's (my) secret (santa).
<<   <   Page 2 / 11   >   >>


NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8567
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods.
CVE-2020-8568
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. This includes paths under var/lib/kubelet/pods that conta...
CVE-2020-8569
PUBLISHED: 2021-01-21
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes, ...
CVE-2020-8570
PUBLISHED: 2021-01-21
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process executi...
CVE-2020-8554
PUBLISHED: 2021-01-21
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typicall...