<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-01-26</span></strong></h1>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fsecurity%2F2026%2F01%2Fwiper-malware-targeted-poland-energy-grid-but-failed-to-knock-out-electricity%2F%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/FbO9nwMhFxN3djgWjCMwEFvGlmXdbJ5AXS56J8CVOck=441">
<span>
<strong>Poland's energy grid was targeted by never-before-seen wiper malware (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Poland's power grid faced a cyberattack in December that involved a new “DynoWiper” malware. Likely linked to Russia's Sandworm group, the attempt to disrupt electricity failed. The operation coincided with the 10th anniversary of Sandworm's landmark 2015 Ukraine blackout, and it fits a long pattern of Russian wiper use.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F01%2F23%2Ffortinet_fortigate_patch%2F%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/VS4ElLiIxBlQRQhhu7AgfoF0ezLHSh-ehpMkLfMOQmc=441">
<span>
<strong>Fortinet admits FortiGate SSO bug still exploitable despite December patch (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Attackers can still exploit a critical FortiCloud SSO authentication vulnerability in FortiOS, even on systems fully patched in December, by abusing a new SAML-based SSO attack path. Recent campaigns involve automated reconfiguration of FortiGate firewalls, the creation of backdoor admin accounts, and the theft of configuration files. Fortinet has urged customers to monitor authentication logs, restrict management exposure, and track admin changes while it develops a new fix.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F01%2F22%2Froot_telnet_bug%2F%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/UjohFgI6ecqa--EwXyV2uFZHv3vDFRYaPzmRbacRk_A=441">
<span>
<strong>Ancient telnet Bug Happily Hands Out root to Attackers (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A critical (CVSS 9.8) vulnerability in telnet could allow unauthenticated users to obtain root privileges on systems running InetUtils telnetd. To exploit the vulnerability, an attacker only needs to set their USER environment variable to “-f root” and pass the “-a” or “--login” flag to telnet. Experts recommend updating to the latest version of telnet or, ideally, switching to a more secure protocol such as SSH.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fkubernetes.io%2Fblog%2F2026%2F01%2F07%2Fkubernetes-v1-35-csi-sa-tokens-secrets-field-beta%2F%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/O4SAjmUFDrOdYgynN0NVysk8gEtfqyPr0DfKlKTOmjk=441">
<span>
<strong>Kubernetes v1.35: A Better Way to Pass Service Account Tokens to CSI Drivers (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Kubernetes v1.35 added the ability for CSI drivers to opt in to receiving service account tokens via the `secrets` field in `NodePublishVolumeRequest`. Prior to this update, service account tokens were received via the `volume_context` field, which could lead to secrets being included in gRPC request logs if drivers did not implement custom sanitizer logic. To opt in to this feature, CSI drivers should implement the `serviceAccountTokenInSecrets` field as well as logic for backwards compatibility.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdev.to%2Fveritaschain%2Fbuilding-tamper-proof-media-apps-c2pa-vs-cpp-deep-dive-for-developers-52g4%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/qZYEo2-pUP9FbPjopelBfOVWPSZJVkdELu0WR83j6-w=441">
<span>
<strong>Building Tamper-Proof Media Apps: C2PA vs CPP Deep Dive for Developers (14 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
This technical deep dive compares C2PA (the industry standard backed by Adobe and Sony) with the emerging Content Provenance Protocol (CPP) for building tamper-proof media applications that prove content authenticity. CPP's key differentiator is its "Completeness Invariant," which uses XOR hash sums to mathematically detect deleted evidence, a critical capability for legal proceedings, insurance claims, and regulatory compliance that C2PA cannot provide architecturally. The article provides Swift and Python implementations of cryptographic patterns, including Secure Enclave signing, Merkle tree construction, RFC 3161 timestamp anchoring, and privacy-preserving human attestation without storing biometric data.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Funit42.paloaltonetworks.com%2Fdilemma-of-ai-malicious-llms%2F%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/1KEIqQwAdbQ_XDDOUwJo3r58vJqIsUgmCTWfp90G0bQ=441">
<span>
<strong>The Dual-Use Dilemma of AI: Malicious LLMs (13 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
While LLMs can be a useful tool for defenders, they can also be used by attackers. WormGPT was the first malicious LLM that was released. It is still being developed. KawaiiGPT is an open-source malicious LLM. This article analyzes the efficacy of these models at producing ransomware notes, data exfiltration scripts, and lateral movement detection.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Felbraino%2Fawesome-blackhat-arsenal%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/fW86Rb5khe4ODFRKNjj4mcuMziBLzps810Xwep4UIic=441">
<span>
<strong>Awesome-blackhat-arsenal (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Whether you're in red teaming, blue teaming, appsec, or OSINT, this list helps you explore and leverage the best tools demonstrated live by security professionals across the world.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FMHaggis%2FSecurity-Detections-MCP%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/_YavQvzr-zlBuyEudn3JrEUZg8j5gHCmj2ux1T9sz-4=441">
<span>
<strong>Security Detections MCP (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Security Detections MCP is an MCP server that enables LLMs to query a unified database of over 7,200 Sigma, Splunk ESCU, Elastic, and KQL security detection rules through natural language. The tool features SQLite FTS5-powered full-text search across detection fields, MITRE ATT&CK mapping, CVE coverage lookup, and process name filtering, with token-optimized analysis tools that reduce data transfer by 25x compared to traditional queries. Security teams can integrate this with Claude Desktop, Cursor IDE, or VS Code to perform coverage analysis, identify detection gaps against threat profiles, and generate ATT&CK Navigator layers directly from their AI assistant.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FBlevene%2Fbandjacks%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/SzjnSBBnVz5BGfC_04vfE8sMIW6BMn5MPpgAC8T6ksw=441">
<span>
<strong>Bandjacks (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Bandjacks is a comprehensive Cyber Threat Intel system that quickly extracts MITRE ATT&CK techniques from threat reports, builds a knowledge graph of threat actors, and utilizes LLM response caching for faster extraction, among other features.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F01%2F23%2Fmicrosoft-gave-fbi-a-set-of-bitlocker-encryption-keys-to-unlock-suspects-laptops-reports%2F%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/B3YHj8s-5L29hP6MIwhzqtE2mUT94YPfhC0P2Yv7mRE=441">
<span>
<strong>Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects' laptops (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The FBI has obtained a warrant compelling Microsoft to hand over BitLocker recovery keys for three seized laptops, allowing agents to decrypt the drives despite full-disk encryption. BitLocker recovery keys are often stored in Microsoft's cloud, enabling lawful access but also raising privacy and security fears if the company or its keys are compromised.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F01%2Fmicrosoft-flags-multi-stage-aitm.html%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/wcG6_EsNkLXyoh94026D_0SDAvs8QDcHcZQs84m9Kv0=441">
<span>
<strong>Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Microsoft describes a layered phishing and BEC campaign against energy companies that abuses trusted services like SharePoint and OneDrive to deliver links leading to adversary-in-the-middle credential theft pages. Attackers then use stolen credentials and session cookies to set stealthy inbox rules, launch large internal and external phishing waves, and bypass MFA using tailored phishing kits and social engineering, prompting defenders to adopt phishing-resistant MFA, conditional access, continuous access evaluation, and robust anti-phishing controls.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F01%2F21%2Fireland_wants_to_give_police%2F%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/iD_Oj3gSC80Uv0HHtW_XPyfTdqXVb5BAjjb2UaKfQG0=441">
<span>
<strong>Ireland Wants to Give its Cops Spyware, Ability to Crack Encryption (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Ireland has announced the release of a new communications bill that seeks to provide sweeping updates to its decades-old telecommunications legislation. Among the provisions in the bill, Ireland is looking to provide law enforcement with the ability to utilize spyware as well as the ability to intercept encrypted messages. Ireland is looking to follow the framework laid out by the EU Commission in 2024.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.testingcatalog.com%2Fanthropic-prepares-to-release-security-center-for-claude-code%2F%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/96J8k2f9-3q0yCXpCE_4aZD4fhysvmJ9FA4Pdfb7Y4o=441">
<span>
<strong>Anthropic prepares to release Security Center for Claude Code (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Anthropic is preparing to launch Security Center for Claude Code, a feature that will provide users with an overview of recent security scans, detected issues, and the ability to manually initiate repository scans.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FMR0VhV/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/xbMyp7STDZkhAtQah7dlwX3oMXNBSGYQrUr4s5RwuEk=441">
<span>
<strong>Gmail Glitch Appears to Break Email Filtering, Tabbed Inboxes (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Google resolved a Gmail glitch that caused marketing and promotional emails to flood users' Primary inboxes instead of being routed to the Promotions tab.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2F1password-adds-pop-up-warnings-for-suspected-phishing-sites%2F%3Futm_source=tldrinfosec/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/lhDDtNlWZn4F5TG9Ko2eaaElmDMAOxd9dWP3Es3_VBE=441">
<span>
<strong>1Password adds pop-up warnings for suspected phishing sites (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
1Password will now display pop-up warnings when users attempt to enter credentials on typosquatted or suspected malicious domains that don't match URLs stored in their vault.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/Y5kztaRzwKTUzeD8D7JCpmbG-zO2NitXc_2xEQBM8-Q=441"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/OX9tHo0-HTkDigqSG6Wc3zwS_QUbJZDvsvFP65PXyko=441"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019bfaa1129a-bd6061b0-f31e-4f0e-8a3e-f2b114b952e6-000000/nYDR1sG_0g7xDnW8PJmdC1GDbmedKXk4WgWKal6446Q=441"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>