Latest News

Evolution of Scalper Bots Part 2: The Birth of Scalper Bots

Welcome back to our Evolution of Scalper Bots series. In part one, the Origins of Scalping, we started our journey through scalping’s long history. We saw that it is far from a new concept: people have been reselling high-demand items for centuries, from as far back as 325 BCE! We’ll continue our journey at the turn of the 21st Century. With the advent of online ticketing, a new frontier had just been opened for scalpers, and things would never be the same again.

Advantages of Calico's DNS Policy Implementation over Cilium's DNS Policy Implementation

DNS policies play a critical role in managing and securing workload communication for cloud-native applications running on Kubernetes clusters. Two popular options for implementing DNS policies are Calico and Cilium. While both have their merits, Calico’s approach offers several distinct advantages over Cilium’s, particularly in terms of flexibility, scalability, and overall operational simplicity.

How To Protect Data in Motion with DLP Software

As companies handle increasingly sensitive information, securing data in motion—the data actively transferred across networks or between devices—has become an important priority. Whether moving through corporate networks, across mobile devices, or stored in the cloud, this data is particularly vulnerable to threats from malicious actors, insider threats, and unauthorized users.

How Multifactor Authentication (MFA) Can Reduce Your Cyber Attacks Risk?

Did it ever cross your mind to ask whether your password can defend your sensitive information on the web all by itself? In today's digital world, where cyber threats are developing rapidly, the traditional approach of protecting a system with a single password has become increasingly insecure. As a result, users are more exposed to such cyberattacks. More than 81% of data breaches are associated with weak or stolen passwords.

Weekly Cyber Security News 22/08/2024

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! A badly coded WordPress plugin again. Luckily it has been caught: Sneaky! DNS is such a great lure for using as a control channel. I’m really surprised it’s not used more: Oh dear. At least they found it in the end…

Understanding Out-of-Bounds Memory Access Vulnerabilities and Detecting Them with Fuzz Testing

Out-of-bounds memory access, also known as buffer overflow, occurs when a program tries to read from or write to a memory location outside the bounds of the memory buffer that has been allocated for it. This type of vulnerability is particularly dangerous because it can lead to various issues, including crashes, data corruption, sensitive data leaks, and even the execution of malicious code.

Email DLP: How To Stop Insider Threats In Their Tracks

Data Loss Prevention (DLP) for email systems helps organizations prevent sensitive data within email from being lost, leaked, or accessed by unauthorized individuals, be it an insider risk or malicious behavior from outside. Solutions for email DLP monitor inbound and outbound messages, searching for loss risks like content or attachments that are sensitive, confidential, or protected by regulation. Email DLP systems can flag, block, or delete an email based on custom policy.

CVE-2024-28986 & CVE-2024-28987: Follow-Up: New SolarWinds HotFix Addresses Critical Vulnerabilities in Web Help Desk

On August 21, 2024, SolarWinds released a second hotfix for SolarWinds Web Help Desk (WHD) version 12.8.3. This hotfix addresses a newly disclosed hardcoded credential vulnerability (CVE-2024-28987) that allows a remote, unauthenticated attacker to access internal functionality and modify data. Additionally, the hotfix resolves the Java deserialization remote code execution (RCE) vulnerability (CVE-2024-28986) disclosed the previous week and fixes functionality issues introduced by the first hotfix.

How To Improve Email Security with Data Loss Prevention (DLP)

Email remains a critical communication channel for businesses of all sizes, but it also presents significant data security risks. Data loss prevention (DLP) for email is an essential component of any robust cybersecurity strategy that can help your organization safeguard sensitive information from accidental leaks, malicious insiders, and external threats.

Acronym Overload: From SOC to MDR and XDR

As offensive security specialists for over 10 years, we have tested countless organisations who believe their SIEM, EDR or MDR provider offers them comprehensive defense, only to find them lacking in fundamental areas. From our experience, some “traditional” in-house, yet adequately resourced, Security Operations Centres (SOCs) can still provide a robust defense, while others struggle to stay on top of emerging threats.