Episodes
[Episode References] Shadowserver Foundation post on the exploitation of the PAN-OS flaws - https://bsky.app/profile/shadowserver.bsky.social/post/3lbh6k7p7pc27  CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) - https://security.paloaltonetworks.com/CVE-2024-0012  CVE-2024-9474 PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface - https://security.paloaltonetworks.com/CVE-2024-9474  Forti-fied?...
Published 11/22/24
[Episode References] About the security content of iOS 18.1.1 and iPadOS 18.1.1  About the security content of iOS 17.7.2 and iPadOS 17.7.2  About the security content of macOS Sequoia 15.1.1  About the security content of visionOS 2.1.1  About the security content of Safari 18.1.1  Qualys Security Advisory - LPEs in needrestart (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003)  Python NodeStealer Targets Facebook Ads Manager with New...
Published 11/21/24
[Episode References] Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 - https://unit42.paloaltonetworks.com/cve-2024-0012-cve-2024-9474/  VMSA-2024-0019: VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813) - https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968  CVE-2024-10524 Wget Zero Day Vulnerability -...
Published 11/19/24
[Episode References] PAN-SA-2024-0015 Critical Security Bulletin: Ensure Access to Management Interface is Secured - https://security.paloaltonetworks.com/PAN-SA-2024-0015  BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA - https://www.volexity.com/blog/2024/11/15/brazenbamboo-weaponizes-forticlient-vulnerability-to-steal-vpn-credentials-via-deepdata/  FG-IR-24-423 - Missing authentication in fgfmsd -...
Published 11/18/24
[Episode References] Emerging Threats: Cybersecurity Forecast 2025 - https://cloud.google.com/blog/topics/threat-intelligence/cybersecurity-forecast-2025/  The Problem with IoT Cloud-Connectivity and How it Exposed All OvrC Devices to Hijacking - https://claroty.com/team82/research/the-problem-with-iot-cloud-connectivity-and-how-it-exposed-all-ovrc-devices-to-hijacking  Global Companies Are Unknowingly Paying North Koreans: Here’s How to Catch Them -...
Published 11/14/24
[Episode References] November 2024 Security Updates - https://msrc.microsoft.com/update-guide/releaseNote/2024-Nov  APSB24-77: Security update available for Adobe Bridge - https://helpx.adobe.com/security/products/bridge/apsb24-77.html  APSB24-83: Security update available for Adobe Audition - https://helpx.adobe.com/security/products/audition/apsb24-83.html  APSB24-85: Security update available for Adobe After Effects -...
Published 11/13/24
[Episode References] Ymir: new stealthy ransomware in the wild - https://securelist.com/new-ymir-ransomware-found-in-colombia/114493/  New zero-detection variant of the Melofee trojan exposed, targeting RHEL 7.9 systems - https://blog.xlab.qianxin.com/analysis_of_new_melofee_variant/  Trend Micro and Japanese Partners Reveal Hidden Connections Among SEO Malware Operations - https://www.trendmicro.com/en_us/research/24/k/seo-malware.html  Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo...
Published 11/12/24
[Episode References] VEEAM exploit seen used again with a new ransomware: “Frag” - https://news.sophos.com/en-us/2024/11/08/veeam-exploit-seen-used-again-with-a-new-ransomware-frag/  PAN-SA-2024-0015 Important Informational Bulletin: Ensure Access to Management Interface is Secured - https://security.paloaltonetworks.com/PAN-SA-2024-0015  Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns -...
Published 11/11/24
[Episode References] BlueNoroff Hidden Risk | Threat Actor Targets Macs with Fake Crypto News and Novel Persistence - https://www.sentinelone.com/labs/bluenoroff-hidden-risk-threat-actor-targets-macs-with-fake-crypto-news-and-novel-persistence/  The Lazarus Heist - https://www.bbc.co.uk/programmes/w13xtvg9/episodes/downloads  GuLoader: Evolving Tactics in Latest Campaign Targeting European Industry -...
Published 11/08/24
[Episode References] Tempest Academy Conference 2024 - https://www.tempest.com.br/tempest_talk/tempest-academy-conference/  CVE-2024-20418 - Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Command Injection Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-backhaul-ap-cmdinj-R7E28Ecs  Threat Campaign Spreads Winos4.0 Through Game Application -...
Published 11/07/24
[Episode References] INTERPOL cyber operation takes down 22,000 malicious IP addresses - https://www.interpol.int/News-and-Events/News/2024/INTERPOL-cyber-operation-takes-down-22-000-malicious-IP-addresses  Stable Channel Update for Desktop - Tuesday, November 5, 2024 - https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html  Joint ODNI, FBI, and CISA Statement - https://www.cisa.gov/news-events/news/joint-odni-fbi-and-cisa-statement-1  So far,...
Published 11/06/24
[Episode References] Tempest Academy Conference 2024 - https://www.tempest.com.br/tempest_talk/tempest-academy-conference/  CRON#TRAP: Emulated Linux Environments as the Latest Tactic in Malware Staging - https://www.securonix.com/blog/crontrap-emulated-linux-environments-as-the-latest-tactic-in-malware-staging/  Android Security Bulletin November 2024 - https://source.android.com/docs/security/bulletin/2024-11-01  Malware Analysis Report - Pygmy Goat -...
Published 11/05/24
[Episode References] [TREND MICRO IN FORRESTER] - https://www.trendmicro.com/explore/forrester-wave-xdr/01054-v1-en-www  From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code - https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html  G700: The Next Generation of Craxs RAT - https://www.cyfirma.com/research/g700-the-next-generation-of-craxs-rat/  The curious case of the 7777-Botnet -...
Published 11/04/24
[Episode References] LottieFiles tweet on the compromise of Lottie-Player - https://x.com/LottieFiles/status/1851848602093777273  Hackers target critical zero-day vulnerability in PTZ cameras - https://www.bleepingcomputer.com/news/security/hackers-target-critical-zero-day-vulnerability-in-ptz-cameras/  Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files -...
Published 11/01/24
[Episode References] Jumpy Pisces Engages in Play Ransomware - https://unit42.paloaltonetworks.com/north-korean-threat-group-play-ransomware/  Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware - https://www.zimperium.com/blog/mishing-in-motion-uncovering-the-evolving-functionality-of-fakecall-malware/  EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files - https://sysdig.com/blog/emeraldwhale/  Крысиный...
Published 10/31/24
[Episode References] Attacker Abuses Victim Resources to Reap Rewards from Titan Network - https://www.trendmicro.com/en_us/research/24/j/titan-network.html  CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server - https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html  CISA Releases Three Industrial Control Systems...
Published 10/30/24
[Episode References] Katz and Mouse Game: MaaS Infostealers Adapt to Patched Chrome Defenses - https://www.elastic.co/security-labs/katz-and-mouse-game  Redline, Meta infostealer malware operations seized by police - https://www.bleepingcomputer.com/news/legal/redline-meta-infostealer-malware-operations-seized-by-police/  Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives -...
Published 10/29/24
[Episode References] An Update on Windows Downdate - https://www.safebreach.com/blog/update-on-windows-downdate-downgrade-attacks/  Introducing a New Vulnerability Class: False File Immutability - https://www.elastic.co/security-labs/false-file-immutability  Joint Statement by FBI and CISA on PRC Activity Targeting Telecommunications - https://www.cisa.gov/news-events/news/joint-statement-fbi-and-cisa-prc-activity-targeting-telecommunications  Chinese Hackers Are Said to...
Published 10/28/24
[Episode References] New Qilin.B Ransomware Variant Boasts Enhanced Encryption and Defense Evasion - https://www.halcyon.ai/blog/new-qilin-b-ransomware-variant-boasts-enhanced-encryption-and-defense-evasion  CISA Adds Two Known Exploited Vulnerabilities to Catalog - https://www.cisa.gov/news-events/alerts/2024/10/24/cisa-adds-two-known-exploited-vulnerabilities-catalog  AWS CDK Risk: Exploiting a Missing S3 Bucket Allowed Account Takeover -...
Published 10/25/24
[Episode References] Ada Lovelace Day 2024 - https://www.even3.com.br/ada-lovelace-day-2024-tempest/  FG-IR-24-423 - CVE-2024-47575 - Missing authentication in fgfmsd - https://fortiguard.fortinet.com/psirt/FG-IR-24-423  CVE-2024-47575: Frequently Asked Questions About FortiJump Zero-Day in FortiManager and FortiManager Cloud - https://www.tenable.com/blog/cve-2024-47575-faq-about-fortijump-zero-day-in-fortimanager-fortimanager-cloud  Investigating FortiManager Zero-Day...
Published 10/24/24
[Episode References] Akira ransomware continues to evolve - https://blog.talosintelligence.com/akira-ransomware-continues-to-evolve/  The Silent Game: Sophisticated threat actors targeting gambling industry - https://www.securityjoes.com/post/the-silent-game-sophisticated-threat-actors-targeting-gambling-industry  Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia
Published 10/22/24
[Episode References] [TREND MICRO IN FORRESTER] - https://www.trendmicro.com/explore/forrester-wave-xdr/01054-v1-en-www  Tricks and Treats: GHOSTPULSE’s new pixel-level deception - https://www.elastic.co/security-labs/tricks-and-treats  Unmasking Lumma Stealer: Analyzing Deceptive Tactics with Fake CAPTCHA - https://blog.qualys.com/vulnerabilities-threat-research/2024/10/20/unmasking-lumma-stealer-analyzing-deceptive-tactics-with-fake-captcha  New Bumblebee Loader...
Published 10/21/24
[Episode References] Encrypted Symphony: Infiltrating the Cicada3301 Ransomware-as-a-Service Group - https://www.group-ib.com/blog/cicada3301/  New macOS vulnerability, “HM Surf”, could lead to unauthorized data access - https://www.microsoft.com/en-us/security/blog/2024/10/17/new-macos-vulnerability-hm-surf-could-lead-to-unauthorized-data-access/  UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants -...
Published 10/18/24
[Episode References] AhnLab and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178) - https://asec.ahnlab.com/en/83877/  Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data - https://www.trendmicro.com/en_us/research/24/j/fake-lockbit-real-damage-ransomware-samples-abuse-aws-s3-to-stea.html  Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia
Published 10/17/24