<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span style="color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span style="color: rgb(232, 192, 96) !important; font-size:30px;">L</span><span style="color: rgb(101, 195, 173) !important; font-size:30px;">D</span></span><span style="color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-11-11</span></strong></h1>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgbhackers.com%2Fdata-leak%2F%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/3fwLeob-viX3a3OdfjURfXkxiUO6lzpG94QNvyzKfIk=431">
<span>
<strong>Data Leak Exposes Chinese State-Sponsored Cyber Arsenal and Target Database (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Threat actors have stolen a massive amount of data from the Chinese cybersecurity firm Knownsec. The stolen data includes specifications for cyber weapons, source code for proprietary hacking tools, operational details of government collaborations, and an extensive list of foreign surveillance targets. A spreadsheet in the leak details 80 overseas targets allegedly compromised by Knownsec operatives.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Faws.amazon.com%2Fsecurity%2Fsecurity-bulletins%2Frss%2Faws-2025-025%2F%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/dWuMcSoTHbSZAPkZ0bV5RryPTagk0Y-ceTh2m7lG6lc=431">
<span>
<strong>Improper Authentication Handling in the Amazon WorkSpaces Client for Linux (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Amazon identified a vulnerability in the Amazon WorkSpaces client for Linux. Under specific circumstances, an attacker may be able to extract a valid authentication token from the client's machine and access another user's WorkSpace. The impacted client versions have reached end-of-support. Customers are encouraged to upgrade to a supported version.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Fnearly-30-alleged-victims-of-oracle-ebs-hack-named-on-cl0p-ransomware-site%2F%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/ico_Lm-RMDes3XDFnsEMjIdhYqTkLt7lale03h9FcgQ=431">
<span>
<strong>Nearly 30 Alleged Victims of Oracle EBS Hack Named on Cl0p Ransomware Site (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Nearly 30 organizations, including major firms such as Logitech, The Washington Post, and Cox Enterprises, were allegedly impacted by a Cl0p ransomware campaign that exploited Oracle's E-Business Suite. Some, such as Harvard and The Washington Post, have confirmed involvement, but most have not commented on the matter.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4083604%2Fwhy-cybersecurity-leaders-find-important-to-prove-the-business-value-of-cyber.html%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/YwyGPsDahVtbVS16c0E8d0iTvbw05Xeii4D2sXvzIwU=431">
<span>
<strong>CISOs must prove the business value of cyber — the right metrics can help (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
CISOs struggle to demonstrate the value of security because they often rely on technical metrics, such as MITRE ATT&CK and patch statistics, rather than business-focused measures. Boards are fatigued from unclear capital allocation and lack visibility into how cybersecurity investments lower risk. Experts advise establishing enterprise risk management, calculating financial exposure in dollars, and presenting understandable metrics like industry benchmarks, risk reduction, and ROI. CISOs should align security with business goals by consulting departments, translating cyber risks into financial terms, and showing measurable risk reduction, such as a 40% decrease in cyber loss exposure.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmedium.com%2Fmitre-attack%2Fattack-v18-8f82d839ee9e%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/x9bkcy87Bsz4BQq0u18HHTaMXsVHs5XjjHSzXSH-BzU=431">
<span>
<strong>ATT&CK v18: The Detection Overhaul You've Been Waiting For (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
MITRE ATT&CK v18 introduces two new components, Detection Strategies and Analytics, replacing brief detection notes with detailed, behavior-based guidance that connects techniques to platform-specific analytics, log sources, and data elements. The enterprise domain introduces 13 new techniques, covering Kubernetes, CI/CD pipeline tampering, cloud databases, and ransomware preparation activities, including backup software detection and selective file exclusion, as well as adversary monitoring of their own threat intelligence. The framework suggests splitting the Defense Evasion tactic into Stealth (altering defender visibility) and Impair Defenses (disrupting security controls), while launching an ATT&CK Advisory Council for formal community input and establishing faster CTI releases independent of biannual framework updates.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmedium.com%2F@onhexgroup%2Fimplementing-the-etherhiding-technique-438979758593%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/GfEdM6Kyjnw-ku7Zf6Kj-d1cTK86NRlm_3EwgZ1kQuw=431">
<span>
<strong>Implementing the Etherhiding technique (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Etherhiding is a technique attackers use to distribute malware via public blockchains, specifically Ethereum. It hides critical information, such as payloads or configuration data, within blockchain smart contracts, which keeps that information accessible while making it difficult to take down or block. This hands-on demo shows how to build a simple Ethereum smart contract using Solidity, deploy it to the Sepolia test network via MetaMask, and create a web page that retrieves and displays the hidden information from the blockchain using Infura RPC.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnakivo-introduces-v111-with-upgraded-disaster-recovery-and-msp-features%2F%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/0m8oxo1KrynAC-ejgbD3in2vDcPG_Q9RSgX-TSPWVls=431">
<span>
<strong>NAKIVO Introduces v11.1 with Upgraded Disaster Recovery and MSP Features (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
NAKIVO Backup & Replication v11.1 offers enhanced features, including real-time VMware replication with automated failover via Site Recovery workflows, eliminating manual setup through automatic IO Filter and Journal Service installation. It broadens Proxmox VE support with Flash VM Boot for instant recovery, VM replication, and direct tape recovery, while MSP Direct Connect enables secure, encrypted client-side connectivity supporting VMware, Hyper-V, and Proxmox VE. Additionally, the update introduces granular backup options for physical Windows and Linux systems, allowing selective folder and volume protection with flexible recovery methods such as SMB/NFS shares, all featuring encryption, immutability, and air-gapping for ransomware defense.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fkarlvbiron%2FMAD-CAT%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/4btvVpJGTynuJ8ZFfVYnAN3sjVuV0hBqHopDNeoNNQY=431">
<span>
<strong>MAD-CAT (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
MAD-CAT (Meow Attack Data Corruption Automation Tool) is a security testing program designed to simulate data corruption attacks on six database platforms: MongoDB, Elasticsearch, Cassandra, Redis, CouchDB, and Hadoop HDFS. It supports both single-target tests and bulk CSV attack campaigns, with or without credentials, so security teams can evaluate how well their databases withstand corruption threats. Security teams can use MAD-CAT to examine data integrity measures and verify backup and recovery processes across the database setups in their environments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fmalwarekid%2FOnlyShell%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/X7-ez05sYCjnS4y3SbF_mcdh-6ZYIA9IClzV1ccRuSI=431">
<span>
<strong>OnlyShell (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
OnlyShell is a powerful Go-based reverse shell handler that allows you to manage multiple reverse shell connections simultaneously.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Frussian-aleksei-volkov-yanluowang-ransomware%2F%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/cGbajJqVWEVQ7x0htwCrxNNRRboAlfq3wRo4qm9-izA=431">
<span>
<strong>Russian national pleads guilty to breaking into networks for Yanluowang ransomware attacks (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Aleksei Olegovich Volkov (aka "chubaka.kor") pleaded guilty to serving as an initial access broker for Yanluowang ransomware, attacking seven US businesses between July 2021 and November 2022, with total ransom demands reaching $24 million. FBI blockchain analysis traced cryptocurrency payments to accounts owned by Volkov and a co-conspirator in Indianapolis, confirming his identity and communications about attack coordination and profit-sharing. Volkov faces up to 53 years in prison and must pay $9.2 million in restitution. Victims experienced operational shutdowns, data encryption, executive harassment calls, and DDoS attacks following initial compromise through vulnerability exploitation.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2025%2F11%2F10%2Fwhy-a-lot-of-people-are-getting-hacked-with-government-spyware%2F%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/qMx34jUPMF9du5JqcvRI3PCFKoVhT9Fzebh3KddKxtM=431">
<span>
<strong>Why a lot of people are getting hacked with government spyware (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The reach of government spyware now extends far beyond its original promise of targeting only criminals and terrorists. Increasingly, journalists, activists, and minor political figures around the world are being surveilled, enabled by vendors whose scalable technology and weak oversight make widespread abuse easy. Governments, both democratic and authoritarian, face little accountability or limitation, although international moves and investigations may finally be prompting some overdue scrutiny and action.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F11%2Fnew-browser-security-report-reveals.html%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/m6u3bKm8bO0cviFAC2XvvH_6JoNfo-5xFdeCNPaHilE=431">
<span>
<strong>New Browser Security Report Reveals Emerging Threats for Enterprises (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Emerging enterprise threats increasingly concentrate in the user's browser. Unmanaged AI tools, browser extensions, and non-corporate logins are key risks, as traditional security solutions can't see or manage what happens in browser sessions, enabling sensitive data exposure. Set up session-native controls and browser-level monitoring to close these critical security gaps and prevent breaches.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2Fnw9HRx/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/EdqKfx8MeFVOBk19BAHWMtTsDQDz55T0lL0DDEctdUk=431">
<span>
<strong>CBP rolls out facial recognition app for local police to spot illegal immigrants (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
US Customs and Border Protection deployed Mobile Identify (listed as "287 TFM" on Google Play Store), a facial recognition app that lets 555 local law enforcement agencies across 34 states participating in Section 287(g) programs identify immigration status by scanning faces. The app returns reference numbers that require contacting ICE rather than direct personal information. Captured photos are stored for 15 years, even for US citizens.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Ffbi-wants-to-know-who-runs-archive-ph%2F%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/xTsKBAIfKgrngGA-oEg3rvhpnVRYE60o28AxdIwLAq0=431">
<span>
<strong>FBI Wants to Know Who Runs Archive.ph (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The FBI issued a federal subpoena to domain registrar Tucows demanding extensive billing records, internet session logs, payment information, and cloud computing service details to unmask the anonymous operator behind archive.today (Archive.is and Archive.ph). The web archiving service has been operational since 2012 and is commonly used to bypass news paywalls. The subpoena does not specify what crime is being investigated.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fedition.cnn.com%2F2025%2F11%2F06%2Feurope%2Flouvre-password-cctv-security-intl%3Futm_source=tldrinfosec/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/EL-X22r4gAStbzUCYH8MrGar8pOgatp0eAtaiuCZKJ4=431">
<span>
<strong>You'll never guess the Louvre's onetime CCTV password. (You absolutely will) (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The French court criticized the Louvre for prioritizing art spending over security and exposed long-known weaknesses, including easy-to-guess passwords (such as "LOUVRE") and a lack of CCTV, that enabled a major jewelry heist.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/EoG3QImimAs3hhuKBACSgxxO4cubf3fjXmPPaH6Ju2E=431"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/W5UuZ7grPRP5hGP8M6Uqw9OFkt7qwzhdSLvUsSeoq-8=431"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019a7348f208-6b80c632-3a13-47ff-9811-70471bb30d0e-000000/2nPdEERV7fc11FPpyJ3Wx_YyAXSa22M2uD6EQlP40Hw=431"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>