<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css"> :root { color-scheme: light dark; supported-color-schemes: light dark; } *, *:after, *:before { -webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box; } * { -ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%; } html, body, .document { width: 100% !important; height: 100% !important; margin: 0; padding: 0; } body { -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility; } div[style*="margin: 16px 0"] { margin: 0 !important; } table, td { mso-table-lspace: 0pt; mso-table-rspace: 0pt; } table { border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto; } img { -ms-interpolation-mode: bicubic; max-width: 100%; border: 0; } *[x-apple-data-detectors] { color: inherit !important; text-decoration: none !important; } .x-gmail-data-detectors, .x-gmail-data-detectors *, .aBn { border-bottom: 0 !important; cursor: default !important; } .btn { -webkit-transition: all 200ms ease; transition: all 200ms ease; } .btn:hover { background-color: #f67575; border-color: #f67575; } * { font-family: Arial, Helvetica, sans-serif; font-size: 18px; } @media screen and (max-width: 600px) { .container { width: 100%; margin: auto; } .stack { display: block!important; width: 100%!important; max-width: 100%!important; } .btn { display: block; width: 100%; text-align: center; } } body, p, td, tr, .body, table, h1, h2, h3, h4, h5, h6, div, span { background-color: #FEFEFE !important; color: #010101 !important; } @media (prefers-color-scheme: dark) { body, p, td, tr, .body, table, h1, h2, h3, h4, h5, h6, div, 
span { background-color: #27292D !important; color: #FEFEFE !important; } } a { color: inherit !important; text-decoration: underline !important; } </style><!--[if mso | ie]> <style type="text/css"> a { background-color: #FEFEFE !important; color: #010101 !important; } @media (prefers-color-scheme: dark) { a { background-color: #27292D !important; color: #FEFEFE !important; } } </style> <![endif]--></head><body class=""> <table align="center" class="document"><tbody><tr><td valign="top"> <table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container"> <table width="100%"><tbody><tr><td class="container"> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;"> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span> <br> </td></tr></tbody></table> <br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;"> <div style="text-align: center;"> <h1><strong>TLDR Information Security <span id="date">2025-08-29</span></strong></h1> </div> </td></tr></tbody></table> </td></tr></tbody></table> </td></tr></tbody></table> </td></tr> <tr bgcolor=""><td class="container"> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;"> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;"> <div class="text-block"> <div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div> </td></tr></tbody></table> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;"> <div class="text-block"> <div style="text-align: center;"> <h1><strong>Attacks & Vulnerabilities</strong></h1> </div> </div> </td></tr></tbody></table> <table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top"> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a 
href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffreepbx-servers-hacked-via-zero-day-emergency-fix-released%2F%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/OYTC3Mx9Q2wA_wF2eiu9liXcFeC1_mFBKlShBYpH0GE=420"> <span> <strong>FreePBX servers hacked via zero-day, emergency fix released (4 minute read)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> An actively exploited zero-day vulnerability affects FreePBX systems with an exposed Administrator Control Panel (ACP). Attackers have exploited it since August 21, compromising servers and affecting thousands of SIP extensions; the flaw lets them run commands as the Asterisk user. Sangoma has released emergency EDGE module fixes. It recommends blocking ACP access, restoring from pre-August 21 backups if compromised, and rotating all credentials. </span> </span> </div> </td></tr></tbody></table> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2025%2F08%2F28%2Ftransunion-says-hackers-stole-4-4-million-customers-personal-information%2F%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/0v0-g9Py0ovWx3cYOdDQbY2FuOCquE69U-Nw4utARBg=420"> <span> <strong>TransUnion says hackers stole 4.4 million customers' personal information (2 minute read)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> Hackers accessed the personal data of over 4.4 million TransUnion customers through a breach in a third-party application, although the credit data itself was not compromised. Stolen information included names, birth dates, and Social Security numbers. 
This incident is part of a recent wave of major corporate data breaches in the US. Companies like Google and Allianz Life were also affected. </span> </span> </div> </td></tr></tbody></table> </td></tr></tbody></table> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;"> <div class="text-block"> <div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div> </div> </td></tr></tbody></table> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;"> <div class="text-block"> <div style="text-align: center;"> <h1><strong>Strategies & Tactics</strong></h1> </div> </div> </td></tr></tbody></table> <table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top"> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fpermiso.io%2Fblog%2Fsliding-into-your-dms-abusing-microsoft-teams-for-malware-delivery%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/4R0DZptqZlJQed0xkZgm_tO7aeboau56Gzm08ZinJZE=420"> <span> <strong>Sliding into your DMs: Abusing Microsoft Teams for Malware Delivery (5 minute read)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> Attackers are increasingly using Microsoft Teams for the delivery of malware. Impersonating IT support, they send direct messages or calls from fake or compromised accounts, tricking users into installing remote access tools or running malicious PowerShell payloads. 
These sophisticated campaigns leverage social engineering, exploit the trust in Teams' internal messaging, and use advanced techniques to steal credentials, maintain persistence, and evade detection. Defenders are advised to remain vigilant for unusual Teams activity and impersonation attempts and to recognize the signs of such malware attacks for improved response and mitigation. </span> </span> </div> </td></tr></tbody></table> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FiVsGgd/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/3_RklVZxGP3q35_4iYE80MW_zjuMyeGExfhtLtTNtn4=420"> <span> <strong>AWS Detection Engineering: Mastering Log Sources for Threat Detection (11 minute read)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> This post provides an overview of how to utilize CloudTrail, VPC Flow Logs, GuardDuty, ALB Logs, and AWS Config for threat detection in AWS. It lists sample alerts for each data source, as well as cross-service alerts, and demonstrates how these alerts can inform automated enforcement actions. Continuous validation is important for ensuring that rules remain consistent with an organization's environment. 
</span> </span> </div> </td></tr></tbody></table> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdispatch.thorcollective.com%2Fp%2Fthe-agentic-threat-hunter%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/eMo1Tzv2h4NW7j_x6FDoanvIUHGxwkE-Ac3E_XC3qjs=420"> <span> <strong>The Agentic Threat Hunter (6 minute read)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> Threat hunting follows the scientific method: analysts observe logs, develop hypotheses, test them, and iterate. This model is crumbling under the vast amount of logs present in modern environments. AI agents can augment security teams by monitoring vast amounts of logs and developing initial hypotheses. SOCs can begin leveraging agentic AI by developing explicit hypotheses, pairing with AI for investigations, centralizing data in a SIEM or data lake, setting appropriate guardrails for the agents, and then automating repetitive tasks. 
</span> </span> </div> </td></tr></tbody></table> </td></tr></tbody></table> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;"> <div class="text-block"> <div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div> </div> </td></tr></tbody></table> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;"> <div class="text-block"> <div style="text-align: center;"> <h1><strong>Launches & Tools</strong></h1> </div> </div> </td></tr></tbody></table> <table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top"> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Factivecm%2Frita%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/6dwQcaDKMxRHh2M32cOtszWV9D7q3pAieMFkLVqXToQ=420"> <span> <strong>RITA (GitHub Repo)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis. 
</span> </span> </div> </td></tr></tbody></table> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FNetSPI%2FATEAM%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/i02-j0TO0TtCU1CN1MOP793qQfsizGePBmSRf4oD7sM=420"> <span> <strong>ATEAM (GitHub Repo)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> The Azure Tenant Enumeration and Attribution Module (ATEAM) is a reconnaissance tool that discovers Azure services and attributes tenant ownership based on their responses. </span> </span> </div> </td></tr></tbody></table> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fclearbluejar.github.io%2Fposts%2Fpyghidra-mcp-headless-ghidra-mcp-server-for-project-wide-multi-binary-analysis%2F%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/qXTg0inJ1qjWCGOEM5m0BOQoje5rmOSZvmJ2JF7XCv4=420"> <span> <strong>pyghidra-mcp: Headless Ghidra MCP Server for Project-Wide, Multi-Binary Analysis (6 minute read)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> pyghidra-mcp is a headless Model Context Protocol (MCP) server for Ghidra that enables LLMs to perform project-wide analysis across multiple interconnected binaries in a single session, moving beyond traditional single-file reverse engineering. 
The tool demonstrates ecosystem-aware analysis by tracing function calls across entire application stacks, such as following a file creation operation from notepad.exe through kernel32.dll to ntdll.dll and the Windows kernel. Built for automation and CI/CD integration, pyghidra-mcp leverages Ghidra's project management capabilities to expose entire software ecosystems for AI-powered reverse engineering workflows. </span> </span> </div> </td></tr></tbody></table> </td></tr></tbody></table> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;"> <div class="text-block"> <div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div> </td></tr></tbody></table> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;"> <div class="text-block"> <div style="text-align: center;"> <h1><strong>Miscellaneous</strong></h1> </div> </div> </td></tr></tbody></table> <table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top"> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4046438%2Fstorm-0501-debuts-a-brutal-hybrid-ransomware-attack-chain.html%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/RGWsFIw_KkiOlJn5NwywTMuJFrANMEd5sAmF2mZ1iVY=420"> <span> <strong>Storm-0501 debuts a brutal hybrid ransomware attack chain (4 minute read)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> Storm-0501 has developed a 
sophisticated hybrid ransomware attack that exploits privileged accounts to move between on-premises and cloud environments, utilizing techniques such as DCSync attacks to gain domain control and leveraging federated domains as backdoors. The threat actor not only encrypts data, but also mass-deletes cloud resources, including backups, creating a "no-win situation" where organizations cannot recover without paying ransom. CISOs should implement least privilege access, audit on-premises environments for cloud migration opportunities, and regularly practice ransomware response playbooks to defend against this brutal attack chain. </span> </span> </div> </td></tr></tbody></table> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fmicrosoft%2Fmicrosoft-word-will-save-your-files-to-the-cloud-by-default%2F%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/wziMrantrlR7_CJ_t3QiRuUonfGp53xj9mBFSCKbHyQ=420"> <span> <strong>Microsoft Word Will Save Your Files to the Cloud By Default (2 minute read)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> Microsoft will start automatically saving any Word documents in OneDrive. Users will be able to change how new files are created in the Save page in the Word options. The feature was included in the latest Microsoft 365 Insiders Beta Channel update. 
</span> </span> </div> </td></tr></tbody></table> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.mobileworldlive.com%2Foperators%2Fskt-hit-with-97m-penalty-for-security-lapses%2F%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/85zNWEMOyOEZEosZeDM9x0LV3P-WWTNz5oyW8DyyWDU=420"> <span> <strong>SKT hit with $97M penalty for security lapses (2 minute read)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> South Korea fined SK Telecom 134.8 billion won ($97.2 million) after a SIM data breach exposed the personal data of all customers due to poor security and delayed reporting. The breach affected 23 million users, causing significant financial losses and a decline in SKT's profit and customer base. Authorities ordered audits and improvements as SKT invests heavily in new security systems. 
</span> </span> </div> </td></tr></tbody></table> </td></tr></tbody></table> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;"> <div class="text-block"> <div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div> </td></tr></tbody></table> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;"> <div class="text-block"> <div style="text-align: center;"> <h1><strong>Quick Links</strong></h1> </div> </div> </td></tr></tbody></table> <table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top"> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F08%2F28%2Fsweden_council_ransomware%2F%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/adKFkJQm-n0_NVSYhYvm6gOdD_DmSuCUSPYtXSjuCvk=420"> <span> <strong>Ransomware crooks knock Swedish municipalities offline for measly sum of $168K (2 minute read)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> An attack on Miljödata, a key IT provider for most Swedish municipalities, disrupted HR and reporting systems for over 200 councils. 
</span> </span> </div> </td></tr></tbody></table> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fpasswordstate-dev-urges-users-to-patch-auth-bypass-vulnerability-as-soon-as-possible%2F%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/xto5xHZg864YHcGHBahF43JA6QmGaBXQY0HgbUrpZTA=420"> <span> <strong>Passwordstate Dev Urges Users to Patch Auth Bypass Vulnerability (2 minute read)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> There is a high-severity auth bypass in Passwordstate, used by 390K IT professionals, that allows attackers to exploit a malicious URL to access the admin area via the Emergency Access page. </span> </span> </div> </td></tr></tbody></table> <table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"> <span> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Fgoogle-cybersecurity-disruption-unit-active-defense-hack-back%2F%3Futm_source=tldrinfosec/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/zCv5WvrUJLN7FNULVj6lFrZRirSZPtshRFvJ5SAlL4Q=420"> <span> <strong>Google previews cyber 'disruption unit' as U.S. government, industry weigh going heavier on offense (5 minute read)</strong> </span> </a> <br> <br> <span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;"> Google plans to create a new cyber "disruption unit" focused on "legal and ethical disruption" of threat campaigns. 
</span> </span> </div> </td></tr></tbody></table> </td></tr></tbody></table> <table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;"> <div class="text-block"> If you have any comments or feedback, just respond to this email! 
<br> <br> Thanks for reading, <br> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/vsI98s0wqjIRziqqNnN_t1uvK3OU7JcdF5JcUdgLHbc=420"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/XSrxTRuoMPMYY9WvYuOoBiuJa4Kfz8KlOnv83HlDPVE=420"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/01000198f5ef675b-b7d79228-78c5-45a8-910c-d4d04c81adcf-000000/KRC_uqWS-n2ZC9BniWRxOzTNcAAxoHOKRsYQVBxwHYw=420"><span>Sammy Tbeile</span></a> <br> <br> </div> <br> </td></tr></tbody></table> </td></tr></tbody></table> </td></tr></tbody></table> </td></tr></tbody></table> </td></tr></tbody></table> </body></html>