Security Queens Hello World!
October Newsletter

Greetings from a very cold, but luckily sunny and dry UK! As Pimms cocktails in back gardens seem a distant memory of the past, we welcome beanies and hot chocolate with open arms. 

It's been a pretty hectic few weeks in SQ HQ, so please excuse the delay in issuing this month's newsletter! 

But our newsletter is delayed for good reason... the Queens have been accepted to speak at BSides London 2021! Our talk "From Paupers to Queens: The Tale of Two Wannabe Hackers" will be a reflective look into two very different career journeys and how the Security Queens came to be. We'll be talking about our own struggles that we faced, as well as our top tips for newbies and career changers. Tune in to find out the backstory of two cyber security-now professionals, our war stories so far, and the huge variety of ways to break into the infosec industry. 

Sarah also had her workshop accepted, so do keep an eye out to book on to her DigiSparks workshop in due course!

Moving onto industry news, a fair few bits have happened as we approach the festive season. 

Global telecommunications company Syniverse reported that they were breached not too long ago. Syniverse provide the infrastructure for other companies such as AT&T and Vodafone, and claimed that at least 235 customers were affected by the hack. 

Shocking to a few, Facebook supposedly disappeared from the internet a few weeks ago when they encountered an issue with BGP and DNS. The global outage also affected Instagram and WhatsApp, of which Cloudflare confirmed "DNS names stopped resolving, and their infrastructure IPs were unreachable". 

Microsoft have recently released Windows 11, featuring a newly redesigned start menu. Although Microsoft supposedly confirmed that Windows 10 would be the last version of the system, Windows 11 developers have confirmed that the system has been designed to be "clean and fresh and simpler" for users. 

Something that hits a little closer to home (especially with our resident ex-streamer Sophia), streaming platform Twitch reported a huge breach that exposed information such as source code and user payout details. Twitch confirmed that the breach was authentic, and was leaked via a 128GB torrent. Ironically Twitch's internal red teaming tools were also leaked as part of the breach. 

Something a little different to round things off, a Β£20,000 keyless car theft device disguised as a Game Boy was recently discovered by police. The device boosted key fob signals in a relay-style attack to steal multiple vehicles before the perpetrator was arrested by police.

A quick PSA before we leave you be, the Queens will be taking a quick blog post break over the winter period to reboot and refresh before the new year! We have plenty planned for 2022, and in the meantime you can catch us at BSides London... 

As always, you can find our recent posts below. 

Lots of love,

The Security Queens xxx

πŸ‘ΈπŸΌπŸ‘ΈπŸ»

There Ain't No Party Like an EC2 Party: Creating Your Website
Estimated difficulty:  πŸ’œπŸ’œ 🀍 🀍🀍 So you have decided to host a website on your EC2 instance? Samesies! If you still aren’t sure where to start with hosting, then check…
Tickets Please: Kerberoasting 101
Estimated difficulty: πŸ’œπŸ’œπŸ’œπŸ’œπŸ€ So as my own personal learning journey into the land of mad hax, I thought I would document something Windows-y for a change (something completely out of…
There Ain't No Party Like an EC2 Party: Securing Your AWS Instance
Estimated difficulty:  πŸ’œπŸ’œ 🀍 🀍🀍 In this post, we are slightly diverging from the original MOBster series and taking a look at Amazon Web Services (AWS). This is the first…
Twitter LinkedIn Youtube Instagram
Modify your subscription    |    View online