<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.netscout.com%2Fcybersecurity%3Futm_source=tldr%26utm_medium=display%26utm_campaign=brand-campaign-cybersecurity%26utm_keyword=display%26utm_content=campaign_page/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/TKLEiXyJRRoxCVgnKzNxPusz4tKm3DVTT6F_RrRoEJk=435"><img src="https://images.tldr.tech/netscout.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="NetScout"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-12-11</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.netscout.com%2Fcybersecurity%3Futm_source=tldr%26utm_medium=display%26utm_campaign=brand-campaign-cybersecurity%26utm_keyword=display%26utm_content=campaign_page/2/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/0kfH0r29fNjuKqVu-0YpvEVpCk-Ef1iDYAs1wK5Svbk=435">
<span>
<strong>Validate and scope alerts faster with NETSCOUT's packet-level visibility (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
SOC efficiency is the <a class="ProsemirrorEditor-link" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.netscout.com%2Fblog%2Fwhy-soc-efficiency-most-valuable-currency-cybersecurity%3Futm_source=tldr%26utm_medium=display%26utm_campaign=brand-campaign-cybersecurity%26utm_keyword=display%26utm_content=campaign_page/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/KT1sW6Tm8NrWUhbpDwECzTvvuYymIYiwjyIZKOn8VQI=435" rel="noopener noreferrer nofollow" target="_blank"><span>most valuable currency in cybersecurity</span></a> - but ESG research has found that 55% of security teams take hours <a class="ProsemirrorEditor-link" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.netscout.com%2Fblog%2Fwhy-network-visibility-thread-holds-cybersecurity-together%3Futm_source=tldr%26utm_medium=display%26utm_campaign=brand-campaign-cybersecurity%26utm_keyword=display%26utm_content=campaign_page/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/rdloM00h9VXzbB00U0Fx7VkwZ7fLRi5xWFjpdUddzLw=435" rel="noopener noreferrer nofollow" target="_blank"><span>just to confirm if an alert is real</span></a>. This gives attackers plenty of time to move laterally through your network.
<p></p>
<p><a class="ProsemirrorEditor-link" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.netscout.com%2Fcybersecurity%3Futm_source=tldr%26utm_medium=display%26utm_campaign=brand-campaign-cybersecurity%26utm_keyword=display%26utm_content=campaign_page/3/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/MksqXJwr8WX02zJbIPHfk-BSyjsTE2Lkpn_RLqN6eTc=435" rel="noopener noreferrer nofollow" target="_blank"><span>NETSCOUT Omnis Cyber Intelligence</span></a> delivers packet-level visibility that eliminates the guesswork. With real-time metadata from deep packet inspection, your analysts have the full context they need to investigate incidents.</p>
<p>NETSCOUT delivers:</p>
<ul>
<li>Faster investigation and response</li>
<li>Visibility across hybrid and multicloud environments without blind spots</li>
<li>Unified data that bridges SecOps and NetOps teams</li>
</ul>
<p><a class="ProsemirrorEditor-link" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.netscout.com%2Fcybersecurity%3Futm_source=tldr%26utm_medium=display%26utm_campaign=brand-campaign-cybersecurity%26utm_keyword=display%26utm_content=campaign_page/4/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/hye1-P2XC3fk4LB01l7wD1AJhWIV8tPw3wIdcU1Q_14=435" rel="noopener noreferrer nofollow" target="_blank"><span>Stay ahead of risk with NETSCOUT</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F12%2Fnet-soapwn-flaw-opens-door-for-file.html%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/vUFsJbemkeYLoyt4cN5l98NrFuQJ5pKiiavkM1bGAQ0=435">
<span>
<strong>.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A .NET Framework design flaw, dubbed SOAPwn, allows attackers to weaponize WSDL-based SOAP client proxies to write arbitrary files or redirect SOAP requests to attacker-controlled locations. This can enable NTLM credential capture and remote code execution via web shells or malicious scripts. Impacted enterprise products include Barracuda Service Center RMM and Ivanti EPM, which have begun shipping security fixes.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Findustrialcyber.co%2Ftransport%2Fcydome-flags-mirai-variant-broadside-targets-maritime-logistics-through-tbk-dvr-devices%2F%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/2ROf9DIjrVmFAbX0ORZDc2rMkW6iQpyTOYn8nbSSNbc=435">
<span>
<strong>Cydome Flags Mirai Variant Broadside, Targets Maritime Logistics Through TBK DVR Devices (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A Mirai variant named Broadside is actively compromising maritime logistics systems by exploiting a vulnerability in TBK digital video recorder (DVR) devices. Broadside uses a custom C2 protocol, a unique “Magic Header,” and aggressively kills competing malware. Beyond DDoS capabilities, it can harvest system credentials, posing an elevated risk to operational technology environments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fgoogle-ads-for-shared-chatgpt-grok-guides-push-macos-infostealer-malware%2F%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/W1LB5SAwsymAvVnMeL7gOpT_hxrmTTjyC2QT9a-3kl8=435">
<span>
<strong>Google Ads For Shared ChatGPT and Grok Guides Push macOS Infostealer Malware (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A phishing campaign uncovered by Kaspersky and Huntress is abusing Google ads to lure macOS users searching for troubleshooting tips. The ads lead to public ChatGPT and Grok “shared conversations” posing as legitimate guides, but instead push victims to download the AMOS infostealer.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhusseinmuhaisen.com%2Fblog%2Fdeclarative-binary-parsing-for-security-research-with-kaitai-struct%2F%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/fmDHh_1t_kRRlbA8jmlBmIen_6-p5QCtE0pEElBOSY8=435">
<span>
<strong>Declarative Binary Parsing for Security Research with Kaitai Struct (15 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Kaitai Struct enables describing binary file formats in a declarative YAML-based language and automatically generating parsers in many languages, which is very useful for reverse engineering, malware analysis, and protocol or firmware research. This example walks through designing a dummy KAISTDE binary format, manually serializing and parsing it in C and Python, then expressing the same structure in a .ksy spec so the Kaitai compiler can emit a robust parser and visualizations.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.offensai.com%2Fblog%2Faws-lambda-managed-instances-security-overview%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/CylpbxSQyRkjpytZcdn35otTNKgurlxCsqm5SuaOLDU=435">
<span>
<strong>AWS Lambda Managed Instances: A Security Overview (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
During re:Invent 2025, AWS announced Lambda Managed Instances, which enable Lambda functions to run on AWS-managed EC2 instances. AWS prevents users from attaching instance roles to these instances, unlike other managed instances. EKS-managed nodes do not allow direct instance access via tools like SSM or EC2 Instance Connect. The instances run AWS' container-optimized Linux distribution, Bottlerocket OS, and execute Lambda functions as containerd containers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Funit42.paloaltonetworks.com%2Fnew-ransomware-01flip-written-in-rust%2F%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/MB0HKXPeT1FyXgPrZx7zws8B5kE9koCxjSnZvNnUxfc=435">
<span>
<strong>New Ransomware 01flip: Multi-Platform Ransomware Written in Rust (22 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
01flip is a new Rust-based ransomware family (tracked as CL-CRI-1036) that targets critical infrastructure in the Asia-Pacific region, leveraging Rust's cross-compilation capabilities to support both Windows and Linux platforms. Attackers exploited CVE-2019-11580 for initial access, deployed the Sliver C2 framework for lateral movement, and used AES-128-CBC with RSA-2048 encryption while demanding a ransom of one bitcoin, with subsequent data leaks appearing on dark web forums. Organizations should monitor for Rust-based malware signatures, patch internet-facing applications against known vulnerabilities, and implement detection for cross-platform ransomware that uses low-level API calls and string obfuscation techniques to evade traditional security controls.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.okta.com%2Fwebinars%2Fhub%2Fbeyond-oktane-how-to-manage-nhi-with-okta-ispm%2F%3Futm_source=newsletter%26utm_medium=thirdparty%26utm_campaign=2025-10%257CWBN-OND%257CBeyondOktane-ISPM-Demo-Part2-VID%26utm_id=aNKKZ0000004CAG4A2/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/5KaQ0e1yJyycQzVxZRkASI8Zot9VG2EvGIlm0Cy4spQ=435">
<span>
<strong>No one knows what AI agents will look like next year. How should you approach security today? (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
“Thought leaders” are confident about non-human identities, but can they predict what this landscape will look like in 12 months? Not reliably...<p></p><p>🤨 So how should you defend against a risk that's totally unpredictable? Start with this <strong>resource from Okta</strong>:</p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.okta.com%2Fwebinars%2Fhub%2Fmanaging-non-human-identities-in-the-era-of-ai-agents%2F%3Futm_source=newsletter%26utm_medium=thirdparty%26utm_campaign=2025-10%257CWBN-OND%257CBeyondOktane-NHI-Part1-VID%26utm_id=aNKKZ0000004CA64AM/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/qAPA98n7NyRc5slHUzKFmXSJUg9lJapbTl7YKlydD88=435" rel="noopener noreferrer nofollow" target="_blank"><span>&gt;&gt; Watch</span></a> experts from AWS, Okta, and Guidewire share their perspective on this new frontier.
</p>
</span></span></div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fequixly.com%2F%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/-OaT4mI-DisPwRrkrncLOCWZyb29_aEM6bhUo4QtyQc=435">
<span>
<strong>Equixly (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Equixly provides an AI-powered API security testing platform that continuously probes APIs like a virtual hacker to uncover technical and business-logic vulnerabilities across the SDLC, integrating into CI/CD pipelines to automate penetration testing and guide remediation.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FSentryPeer%2FSentryPeer%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/4OXmzCY4QXaXXUYnf8ItrSY9pHY7qNlElUORZyxSWVg=435">
<span>
<strong>SentryPeer (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
SentryPeer is a fraud detection tool that tracks bad actors' attempted calls by saving their IP addresses and dialed numbers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ffil-c.org%2F%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/nQrU9Fo1W1DvUw_7Xs5_UGSf6p2e6ZTOA8PXJdqh3mc=435">
<span>
<strong>Fil-C (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Fil-C is a memory-safe implementation of the C and C++ programming languages that can compile and run a lot of software with zero or minimal changes.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FIk0NCD/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/_dSzfw0ltsuPYByOzWXTyOjs5Yx1knwSKG5b626Div8=435">
<span>
<strong>Japanese Firms Suffer Long Tail of Ransomware Damage (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Ransomware attacks are hitting major Japanese companies and government bodies, forcing factories, retailers, and service providers offline for months. Many Japanese organizations depend on older systems and complex supply chains, so recovery is slow and costly.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmalwaremaloney.blogspot.com%2F2025%2F09%2Fonedrive-lets-take-this-offline.html%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/MELIGeploGyZpiB4CLf-goQ5elIjTJUO0fjS-dL7L9M=435">
<span>
<strong>OneDrive. Let's Take This Offline (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Microsoft launched Offline Mode for OneDrive Business customers in April 2024, which allows users to continue using the web version of OneDrive while offline. This works by downloading file metadata and running a SharePoint web server locally. This post introduces an update to OneDriveExplorer, which can parse the cache used for offline mode.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsemgrep.dev%2Fblog%2F2025%2Fcan-llms-detect-idors-understanding-the-boundaries-of-ai-reasoning%2F%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/RQN8YXenvFQQtB4eUcREEygktnAs9kgmjiZvL9QylTY=435">
<span>
<strong>Can LLMs Detect IDORs? Understanding the Boundaries of AI Reasoning (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Semgrep tested how well Claude Code with Sonnet 4 and OpenAI Codex with GPT-5 detect IDOR vulnerabilities in code across four levels of increasing difficulty, from no authorization to implicit authorization through middleware. In total, the models identified 15 real, previously unknown vulnerabilities and 93 false positives, with Sonnet 4 performing best. In its test with a generic prompt, Semgrep found that the models could detect some simpler IDOR vulnerabilities but failed in more complex cases.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fussignal.com%2Fsolutions%2Fsimplifying-security-with-microsoft%2F%3Futm_source=tldr_infosec_newsletter%26utm_medium=ebook%26utm_campaign=microsoft_simplifying_Security%2B/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/mA0SwMDaBmg2982IQx87OuF7Ud41WtouyNWg_a1CdlY=435">
<span>
<strong>How to get more from your Microsoft 365 licenses - without moving to E5 (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Enterprise-grade security at an SMB-ready price point? Not impossible anymore: Microsoft's new Defender and Purview add-ons work at a scale and cost that fits any business. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fussignal.com%2Fsolutions%2Fsimplifying-security-with-microsoft%2F%3Futm_source=tldr_infosec_newsletter%26utm_medium=ebook%26utm_campaign=microsoft_simplifying_Security%2B/2/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/I50FYepao0P10m2JQYnVLid6A_YJiwQ4fo5wDnIl7pA=435" rel="noopener noreferrer nofollow" target="_blank"><span>Download the guide by US Signal</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Furl-coalition-cybersecurity-insurance-coverage-deepfakes-reputational-harm%2F%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/2QFGjv-8d4GwCv2w7eHYEkGhXM_lF6A0o7PWuYmwdLI=435">
<span>
<strong>Organizations Can Now Buy Cyber Insurance That Covers Deepfakes (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Cybersecurity insurer Coalition announced that it will start offering coverage for certain deepfake incidents, including those that lead to reputational harm.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FRazviOverflow%2Fadvent-of-hacks%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/UnSSx7wN0kq88vXYrvMUDfEyTzkJKED14sEua_wrkvc=435">
<span>
<strong>Advent of Hacks (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Advent of Hacks is a GitHub repository with a list of free cybersecurity holiday events, CTFs, and Advent challenges.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurity.googleblog.com%2F2025%2F12%2Fhttps-certificate-industry-phasing-out.html%3Futm_source=tldrinfosec/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/cxpMnOxAORpmUsWA0U4o9936kFThoBveGl1UMPMxiVM=435">
<span>
<strong>HTTPS certificate industry phasing out less secure domain validation methods (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Chrome Root Program and the CA/Browser Forum adopted Ballots SC-080, SC-090, and SC-091 to sunset, by March 2028, 11 legacy Domain Control Validation methods that rely on email, phone, fax, postal mail, and reverse DNS lookups. The change pushes Certificate Authorities toward automated, cryptographically verifiable ACME-based validation to prevent fraudulent certificate issuance.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/1M2hwi1CO4sI-_sBOjYqC9QpY4oi8Nh_0qiayv0-IA4=435"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/fs3t2s9kuPHIZgq8o7zT3e9RCt-fBPlseyvLBH48DtY=435"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019b0dbcecce-eec93e4d-d20c-4035-9352-56dbd980d552-000000/0ZA0_fWCFhtkLaeeo3rZvMORuu9lnwp3ddb33i5rKQQ=435"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>