TLDR

TLDR Information Security 2024-07-08

Apache Server RCE 🌐, Roll20 data breach 🎲, Taylor Swift Tickets leaked 💃

This SaaS platform fully replicates manual network penetration testing — and costs 50% less (Sponsor)

🔓
Attacks & Vulnerabilities

Alabama State Department Of Education Suffered A Data Breach Following A Blocked Attack (2 minute read)

Roll20, an online tabletop role-playing game platform, discloses data breach (3 minute read)

Apache fixed a source code disclosure flaw in Apache HTTP Server (1 minute read)

🧠
Strategies & Tactics

July 2: Polyfill.io Supply Chain Attack – Digging into the Web of Compromised Domains (10 minute read)

Catching Compromised Cookies (10 minute read)

Exploiting Client-Side Path Traversal to Perform Cross-Site Request Forgery (5 minute read)

🧑‍💻
Launches & Tools

Bbot (GitHub Repo)

Image Automation Controller (GitHub Repo)

GetReal Labs (Website)

🎁
Miscellaneous

Hackers leak alleged Taylor Swift tickets, amp up Ticketmaster extortion (2 minute read)

Microsoft's Midnight Blizzard source code breach also impacted federal agencies (3 minute read)

RockYou2024: 10 Billion Passwords Leaked in the Largest Compilation of All Time (2 minute read)

⚡️
Quick Links

CISA Releases Guide to Operational Security for Election Officials (2 minute read)

ChatGPT's much-heralded Mac app was storing conversations as plain text (2 minute read)

Cloudflare 1.1.1.1 incident on June 27, 2024 (14 minute read)

Curated news 📰, research 🧑‍🔬, and tools 🔒 for information security professionals