Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
Name that Toon: Risky Business
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 10   >   >>
emallove
50%
50%
emallove,
 User Rank: Apprentice
10/12/2018 | 3:15:28 PM
Workplace Ergonomics
"Yoga ball chairs, stand-up desks, treadmill offices. Have workplace ergonomics gone too far?"
xaviernj
60%
40%
xaviernj,
 User Rank: Apprentice
10/12/2018 | 10:05:34 AM
Caption contest
This new three factor authentication is noooott easy.
ianrod
50%
50%
ianrod,
 User Rank: Strategist
10/12/2018 | 8:34:56 AM
Name that Toon
Once again, IT was left to hang out and dry.
Blaze007
75%
25%
Blaze007,
 User Rank: Strategist
10/11/2018 | 3:20:34 PM
Re: Put your thinking cap on! We have new cartoon caption contest!
An exemplary role model for his co-workers, Bob considers all perspectives when performing a thorough risk analysis.
rdmcmath
50%
50%
rdmcmath,
 User Rank: Apprentice
10/11/2018 | 1:37:51 PM
Cartoon caption
"He must have fallen for the latest phishing bait."
FIREarly
50%
50%
FIREarly,
 User Rank: Apprentice
10/11/2018 | 10:54:11 AM
Cartoon Caption
The Houdini hack will get me out of this!
cjonesv2s
50%
50%
cjonesv2s,
 User Rank: Apprentice
10/10/2018 | 2:31:48 PM
Cartoon Caption
He's managed to turn the computing world upsidedown!
anotherphase
50%
50%
anotherphase,
 User Rank: Strategist
10/9/2018 | 11:35:49 PM
"He is determined not to make himself a low-hanging fruit for hackers."

"He is determined not to make himself a low-hanging fruit for hackers."

Coolster65
50%
50%
Coolster65,
 User Rank: Apprentice
10/8/2018 | 11:38:08 AM
Name that Toon: Risky Business
That's not what they mean by "Agile DevOps" Bart ... 
CaptionCurator
50%
50%
CaptionCurator,
 User Rank: Apprentice
10/5/2018 | 5:23:21 PM
Re: Put your thinking cap on! We have new cartoon caption contest!
Bob thinks the CIO's statement to "tie up security holes" was taken a little too far.
<<   <   Page 2 / 10   >   >>


NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-22847
PUBLISHED: 2021-01-22
Hyweb HyCMS-J1's API fail to filter POST request parameters. Remote attackers can inject SQL syntax and execute commands without privilege.
CVE-2021-22849
PUBLISHED: 2021-01-22
Hyweb HyCMS-J1 backend editing function does not filter special characters. Users after log-in can inject JavaScript syntax to perform a stored XSS (Stored Cross-site scripting) attack.
CVE-2020-8567
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods.
CVE-2020-8568
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. This includes paths under var/lib/kubelet/pods that conta...
CVE-2020-8569
PUBLISHED: 2021-01-21
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes, ...