Security Team Identifies Critical Vulnerability, Forwards To IT With Note Reading "Fix?"

Filed by Cybersecurity Smith

AUSTIN — The information security team at a regional logistics company on Wednesday identified a critical vulnerability in the firm's customer-facing portal and immediately forwarded the finding to IT operations with a one-word note reading, in its entirety, "Fix - Work Stoppage"

The ticket, which had no severity rating, no affected systems listed, no CVE reference, no recommended remediation, and no contact information, was assigned to senior sysadmin Dave Karlsen, who reportedly stared at it for a full ninety seconds before replying.

"I asked which portal," Karlsen said. "They said 'the one with the thing.' I asked which thing. They said you know it's a developer it's the thing they work one. That was Tuesday."

The security team has since requested a status update.

Security Team Identifies Critical Vulnerability, Forwards To IT With Note Reading "Fix?"

Read more

CISO Presents 90 Page Slide Deck On Patch Management To Sysadmins Who Already Patched It Last Tuesday