TLDR

TLDR Information Security 2024-09-04

Transport For London Cyberattack 🇬🇧, Yubikey cloning attack 🔒, Changes to OSCP 📚

🔓
Attacks & Vulnerabilities

Transport for London confirms cyberattack, assures us all is well (2 minute read)

Thousands Exposed in Fota Wildlife Park Breach (4 minute read)

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel (3 minute read)

🧠
Strategies & Tactics

AWS IAM: A Comprehensive Guide Towards Least Privilege (11 minute read)

Linux Detection Engineering with Auditd (28 minute read)

Playing Around with AWS-Vault for Fun & Profit (7 minute read)

🧑‍💻
Launches & Tools

🆕 Microsoft Copilot is spreading like wildfire. Prompt Security wants to prevent it from leaking your data (Sponsor)

SentryPeer (GitHub Repo)

Traceeshark (GitHub Repo)

Windows API Function Cheatsheets (GitHub Repo)

🎁
Miscellaneous

Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt (2 minute read)

Changes to the OSCP (5 minute read)

Microsoft Copilot: From Prompt Injection to Exfiltration of Personal Information (6 minute read)

⚡️
Quick Links

Sextortion Scams Now Include Photos of Your Home (3 minute read)

2025 Budget Planning Guide For Security And Risk Leaders (12 minute read)

FBI warns crypto firms of aggressive social engineering attacks (3 minute read)

Curated news 📰, research 🧑‍🔬, and tools 🔒 for information security professionals
Join 280,000 readers for one daily email