A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our Twitter feed at #ionCube24.
Most of us, after almost a year of regular lockdowns, are experiencing cabin fever. In some cases it erupts in quite interesting ways – such as this one. I very much doubt it is a hacker, most likely an employee trying to release ‘tension’.
When it comes to maturing an AppSec program, there are several best practices that can help you get started. In part two of our AppSec podcast series, Tim Jarrett, Director of Product Management at Veracode, and Kyle Pippin, Director of Product Management at ThreadFix, share the top 3 things they’ve learned from organizations that have successfully matured and scaled their AppSec programs.
Scalper bots are designed to automatically purchase online goods. Generally, they do this by adding a product to a cart and completing the checkout process far faster than any human could hope to do so. They exploit vulnerabilities in websites to purchase goods before they are even listed as available to the usual human users of a website. Those using scalper bots have a huge advantage over non-bot users when it comes to purchasing limited-quantity items.
The efficacy of remote work has been debated for decades. Now, as companies begin pursuing a post-Covid-19 reality, the debate is finally settled. According to some of the most prominent companies in Silicon Valley, including Google, Facebook, Twitter and Apple, the answer is a hybrid model. Rather than being dogmatic and dichotomous about workplace arrangements, these companies find value in a hybrid model that includes a flexible mix of on-site and remote teams.