US Capitol Attack a Wake-up Call for the ...

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

tdsan,
User Rank: Ninja
1/14/2021 | 12:13:16 PM

I am not sure what you saw but I don't think it was not a lack of capability.

From what I saw,

The National Guard was told to stand down from the request made by the major of DC
They knew about the march to the capitol in November
After 5 pm, that is when most of the protection arrived from different parts of the country
Most of the individuals that breached the capitol were white
The security guards and capitol police helped the older individuals down the stairs (saws on CNN)

So let's be honest here, that building has state of the art video surveillance/cameras. They have a subway that is at a lower floor that allows congressman to travel to remote sites where they can get into their cars.

So they knew what was going on but were told to stand down and the president (Chief Officer of the US) stated that they should march to the capitol and express their discontent with the voting process. No matter how much technology you have, it is dependent upon careful use also, security professionals had their hands in their pockets, slowly moving the crowd away from the capital.

Trump Says 'We Will Never Concede' as Mob Storms Capitol Building - The New York Times

Trump Says 'We Will Never Concede' as Mob Storms Capitol Building - The New York Times

If this group were of color, it would have been a blood bath, so I have to respectfully disagree with your sentiments, they have the technology, they were told to stand down.

T

Reply | Post Message | Messages List | Start a Board

Editors' Choice

How SolarWinds Busted Up Our Assumptions About Code Signing

Dr. Jethro Beekman, Technical Director, 3/3/2021

'ObliqueRAT' Now Hides Behind Images on Compromised Websites

Jai Vijayan, Contributing Writer, 3/2/2021

Attackers Turn Struggling Software Projects Into Trojan Horses

Robert Lemos, Contributing Writer, 2/26/2021

Live Events

Webinars

Interop Digital - Free Cybersecurity Event April 29

Communications & Collaboration: 2024 (March 9-10)

More Informa Tech Live Events

White Papers

Why Add Security to Your Skill Set and How to Do It

Intelligent Outcomes Are Key to Business Resilience

10 Must-Have Capabilities for Stopping Malicious Automation Checklist

451 Cloud Confidence Report

Balancing Hybrid Storage as Part of a Hybrid Cloud Data Management Strategy

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

2021 Top Enterprise IT Trends

We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises are Developing Secure Applications

Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.

Download Now!

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-24913
PUBLISHED: 2021-03-04

A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request.

CVE-2020-24914
PUBLISHED: 2021-03-04

A PHP object injection bug in profile.php in qcubed (all versions including 3.1.1) unserializes the untrusted data of the POST-variable "strProfileData" and allows an unauthenticated attacker to execute code via a crafted POST request.

CVE-2020-24036
PUBLISHED: 2021-03-04

PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code.

CVE-2020-24912
PUBLISHED: 2021-03-04

A reflected cross-site scripting (XSS) vulnerability in qcubed (all versions including 3.1.1) in profile.php via the stQuery-parameter allows unauthenticated attackers to steal sessions of authenticated users.

CVE-2019-18629
PUBLISHED: 2021-03-04

Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary during a exploited clone install. This requires creating a clone file and signing that file with a com...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]