<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-09-12</span></strong></h1>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-vmscape-attack-breaks-guest-host-isolation-on-amd-intel-cpus%2F%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/1bhSnnZp65zwsWpNOU0rco3XlegP7ReBvtpvYHO4Uzw=422">
<span>
<strong>New VMScape Attack Breaks Guest-Host Isolation on AMD, Intel CPUs (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers from ETH Zurich have found a new attack that leaks cryptographic keys from an unmodified QEMU hypervisor process running on modern AMD or Intel CPUs. In the attack, a guest user can influence indirect branch prediction in a host user process to leak arbitrary memory at a rate of 32 bytes/second with a byte-level accuracy of 98.7%. AMD has released a security bulletin about the issue, and Linux kernel developers have released patches to mitigate it.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2F100000-impacted-by-cornwell-quality-tools-data-breach%2F%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/naEp5L_tgseX-m9uSJFfEF-MxUIeghJwKlYYdRddHpQ=422">
<span>
<strong>100,000 Impacted by Cornwell Quality Tools Data Breach (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Cornwell Quality Tools has disclosed a ransomware-driven data breach that impacts over 100,000 people. Hackers accessed sensitive information like Social Security numbers and financial data in December 2024. The Cactus group claimed responsibility and leaked corporate docs, though it's unclear if all of the data was released.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theguardian.com%2Fbusiness%2F2025%2Fsep%2F10%2Flner-urges-customers-to-be-vigilant-after-passenger-details-accessed-in-cyber-attack%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/flMxtdemmNGjDTWC0rS4xA0_tZSI4V80jxoc23IxfMA=422">
<span>
<strong>LNER urges customers to be vigilant after passenger details accessed in cyber-attack (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A cyber-attack on LNER's third-party supplier exposed customers' contact information and some journey records, but no payment or password data. LNER's train services remain unaffected. The company has advised vigilance against suspicious communications and stresses that the breach does not compromise sensitive banking details.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4053891%2Fwhat-the-salesloft-drift-breaches-reveal-about-4th-party-risk.html%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/XRjFwYzSYpqAoi0qLHy80GKdQxrYsuB-yl0t3a8h_Ro=422">
<span>
<strong>What the Salesloft Drift breaches reveal about 4th-party risk (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Salesloft Drift breach demonstrates the emerging threat of "fourth-party" risk, where organizations are compromised through their vendor's acquired company (Drift) rather than through direct vendor relationships. Attackers exploited legacy OAuth tokens that had been dormant for 18 months since Salesloft's 2024 acquisition of Drift, allowing access to hundreds of Salesforce instances and Google Workspace accounts. This incident highlights how M&A activities can inherit hidden security risks that extend organizations' attack surfaces far beyond what they can directly assess or control through traditional security measures.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurity.googleblog.com%2F2025%2F09%2Fpixel-android-trusted-images-c2pa-content-credentials.html%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/4x63ZJaXC0mp6XQ55y3N26V5F1rWVOut60QapQqg_Ls=422">
<span>
<strong>How Pixel and Android are bringing a new level of trust to your images with C2PA Content Credentials (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Google Pixel 10 is the first smartphone to implement C2PA Content Credentials in its native camera app, automatically attaching cryptographically signed metadata to all photos that documents their creation and editing history. The feature uses hardware-backed security through Tensor G5 and Titan M2 chips to achieve C2PA Assurance Level 2, ensuring tamper-resistant verification while preserving privacy through anonymous attestation and one-time-use cryptographic keys. Google Photos will display this provenance information to help users distinguish between authentic images and AI-generated or edited content, with the capability rolling out gradually to other Android and iOS devices.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FzDzEFc/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/J6jJQlwhXINbeJu7IMPjud4g9K78CXXjBJOUuBf9c1k=422">
<span>
<strong>The Fragile Balance: Assumptions, Tuning, and Telemetry Limits in Detection Engineering (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
When developing detection rules, assumptions are inevitably made that may lead to false positives. When tuning an alert for false positives, detection engineers may run up against telemetry limitations that force them to reconsider their initial assumptions. These limitations may lead the team to recreate the rule from a different data source, accept some amount of false positives, aggressively filter the rule and accept a certain amount of potential misses, or scrap the rule altogether.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.cisa.gov%2Fresources-tools%2Fresources%2Feviction-strategies-tool%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/-OhZzOu8JaM0d36Q-YG6t1QKEzLWP6svMKqsqP3bxPk=422">
<span>
<strong>Eviction Strategies Tool (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Eviction Strategies Tool, maintained by CISA, is designed to help incident responders during the containment and eviction phases. It comprises a stateless webapp and a database of post-compromise countermeasures mapped to adversary tactics, techniques, and procedures (TTPs).
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fgoogle%2Ffacade%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/KtjVLdJjAEcpBLGNInCn_tpeWVIs8HKsc52Jdvj8gsY=422">
<span>
<strong>FACADE: Fast and Accurate Contextual Anomaly DEtection (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
FACADE is an enterprise security anomaly detection system made by Google. It uses high-precision deep learning across various applications, including defense against insider threats, ACL recommendations, and account compromise detection.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.hush.security%2F%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/72Dz1cZx4gMCKtsahwHvP6NF6CARl9ueCqdGTD94lb0=422">
<span>
<strong>Hush Security (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Hush Security is a platform that eliminates credential-based threats by replacing secrets and vaults with just-in-time, policy-based access for machines, removing the need for credentials entirely.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-adds-malicious-link-warnings-to-teams-private-chats%2F%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/nz3-S2r0tukdwHXonXnG2A2wXBaM0TytQSvuAVE4tWk=422">
<span>
<strong>Microsoft Adds Malicious Link Warnings to Teams Private Chats (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Microsoft Teams will begin automatically alerting users when they send or receive a private message containing links that have been flagged as spam, phishing, or malware. The feature applies to all Microsoft Defender for Office 365 and Microsoft Teams enterprise customers and will enter preview this month. It will be enabled by default when it reaches general availability in November.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fsecurity%2F2025%2F09%2Fthe-us-is-now-the-largest-investor-in-commercial-spyware%2F%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/UkmJp3zQtZSEiMLu2lyT-0-wjl7ZaCSCnteez_gzByQ=422">
<span>
<strong>The US is now the largest investor in commercial spyware (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The United States has surpassed all other nations in funding commercial spyware, driving a rapidly expanding global market. New research reveals that US investors now dominate this space by channeling money through hedge funds and pension plans into companies involved in spyware surveillance. Current regulations largely fail to address these financial flows, highlighting growing accountability and policy gaps.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2025%2F09%2F11%2Fkids-in-the-uk-are-hacking-their-own-schools-for-dares-and-notoriety%2F%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/Kv6tQFJUbPy5IavtiE4OWj8Jhgo_jZ-d7OR_smXb3s0=422">
<span>
<strong>Kids in the UK are hacking their own schools for dares and notoriety (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A surge in UK school cyber breaches is driven by students, who are responsible for over half the incidents. These breaches often result from weak passwords, misplaced logins, or staff security lapses. Students usually do it on a dare, for revenge, or to seek attention, though some cases involve sophisticated attacks.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fddos-defender-targeted-in-15-bpps-denial-of-service-attack%2F%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/pFyICzvJ7d93shz2cBJPuhXpgPmbnTEzOtKDMcvNZOA=422">
<span>
<strong>DDoS defender targeted in 1.5 Bpps denial-of-service attack (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A European DDoS mitigation service provider was hit by a massive distributed denial-of-service attack that reached 1.5 billion packets per second.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F09%2F11%2Fwyden_microsoft_insecure%2F%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/WNxAEQhnse_xzjZf783aj2qa5o3_4VfOlvE2VxbA7Hc=422">
<span>
<strong>Senator blasts Microsoft for 'dangerous, insecure software' that helped pwn US hospitals (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Senator Ron Wyden has urged the FTC to investigate Microsoft after a ransomware attack on major US hospitals exposed flaws in Windows security.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Fchinese-apt-philippine-military-eggstreme-fileless-malware%2F%3Futm_source=tldrinfosec/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/u3_IKRddH0VLZPQfyxvS2v5McHiHl1iHkuAFc-8B448=422">
<span>
<strong>Chinese APT Hits Philippine Military Firm with New EggStreme Fileless Malware (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
EggStreme is a new fileless malware framework used by a China-based APT group to target Philippine military organizations and APAC entities.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/3jUS02CuU-KDlv70wH7fXl3ZXiYt7tudeiwPNb7TxEc=422"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/BiofPiCspJwDLLg2J3wroRS6fEJ72Kg_Sz6O5z0J8J4=422"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/010001993e08533b-48f5637d-4ade-4530-9bd7-8325f0a17220-000000/s69zDdm_zxjaxwJbH7AfOpFcU8IdnEnVxmXY3TT3MJQ=422"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>