TLDR Information Security 2024-07-08

Apache Server RCE 🌐, Roll20 data breach 🎲, Taylor Swift Tickets leaked 💃

This SaaS platform fully replicates manual network penetration testing — and costs 50% less (Sponsor)

Attacks & Vulnerabilities

Alabama State Department Of Education Suffered A Data Breach Following A Blocked Attack (2 minute read)

Roll20, an online tabletop role-playing game platform, discloses data breach (3 minute read)

Apache fixed a source code disclosure flaw in Apache HTTP Server (1 minute read)

Strategies & Tactics

July 2: Supply Chain Attack – Digging into the Web of Compromised Domains (10 minute read)

Catching Compromised Cookies (10 minute read)

Exploiting Client-Side Path Traversal to Perform Cross-Site Request Forgery (5 minute read)

Launches & Tools

Bbot (GitHub Repo)

Image Automation Controller (GitHub Repo)

GetReal Labs (Website)


Hackers leak alleged Taylor Swift tickets, amp up Ticketmaster extortion (2 minute read)

Microsoft's Midnight Blizzard source code breach also impacted federal agencies (3 minute read)

RockYou2024: 10 Billion Passwords Leaked in the Largest Compilation of All Time (2 minute read)

Quick Links

CISA Releases Guide to Operational Security for Election Officials (2 minute read)

ChatGPT's much-heralded Mac app was storing conversations as plain text (2 minute read)

Cloudflare incident on June 27, 2024 (14 minute read)

Curated news 📰, research 🧑‍🔬, and tools 🔒 for information security professionals