Episodes
[Episode References]
Shadowserver Foundation post on the exploitation of the PAN-OS flaws - https://bsky.app/profile/shadowserver.bsky.social/post/3lbh6k7p7pc27
CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) - https://security.paloaltonetworks.com/CVE-2024-0012
CVE-2024-9474 PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface - https://security.paloaltonetworks.com/CVE-2024-9474
Forti-fied?...
Published 11/22/24
[Episode References]
About the security content of iOS 18.1.1 and iPadOS 18.1.1
About the security content of iOS 17.7.2 and iPadOS 17.7.2
About the security content of macOS Sequoia 15.1.1
About the security content of visionOS 2.1.1
About the security content of Safari 18.1.1
Qualys Security Advisory - LPEs in needrestart (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003)
Python NodeStealer Targets Facebook Ads Manager with New...
Published 11/21/24
[Episode References]
Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 - https://unit42.paloaltonetworks.com/cve-2024-0012-cve-2024-9474/
VMSA-2024-0019: VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813) - https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968
CVE-2024-10524 Wget Zero Day Vulnerability -...
Published 11/19/24
[Episode References]
PAN-SA-2024-0015 Critical Security Bulletin: Ensure Access to Management Interface is Secured - https://security.paloaltonetworks.com/PAN-SA-2024-0015
BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA - https://www.volexity.com/blog/2024/11/15/brazenbamboo-weaponizes-forticlient-vulnerability-to-steal-vpn-credentials-via-deepdata/
FG-IR-24-423 - Missing authentication in fgfmsd -...
Published 11/18/24
[Episode References]
Emerging Threats: Cybersecurity Forecast 2025 - https://cloud.google.com/blog/topics/threat-intelligence/cybersecurity-forecast-2025/
The Problem with IoT Cloud-Connectivity and How it Exposed All OvrC Devices to Hijacking - https://claroty.com/team82/research/the-problem-with-iot-cloud-connectivity-and-how-it-exposed-all-ovrc-devices-to-hijacking
Global Companies Are Unknowingly Paying North Koreans: Here’s How to Catch Them -...
Published 11/14/24
[Episode References]
November 2024 Security Updates - https://msrc.microsoft.com/update-guide/releaseNote/2024-Nov
APSB24-77 : Security update available for Adobe Bridge - https://helpx.adobe.com/security/products/bridge/apsb24-77.html
APSB24-83 : Security update available for Adobe Audition - https://helpx.adobe.com/security/products/audition/apsb24-83.html
APSB24-85 : Security update available for Adobe After Effects -...
Published 11/13/24
[Episode References]
Ymir: new stealthy ransomware in the wild - https://securelist.com/new-ymir-ransomware-found-in-colombia/114493/
New Variant of the Zero-Detection Melofee Trojan Exposed, Targeting RHEL 7.9 Systems - https://blog.xlab.qianxin.com/analysis_of_new_melofee_variant/
Trend Micro and Japanese Partners Reveal Hidden Connections Among SEO Malware Operations - https://www.trendmicro.com/en_us/research/24/k/seo-malware.html
Script and presentation: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo...
Published 11/12/24
[Episode References]
VEEAM exploit seen used again with a new ransomware: “Frag” - https://news.sophos.com/en-us/2024/11/08/veeam-exploit-seen-used-again-with-a-new-ransomware-frag/
PAN-SA-2024-0015 Important Informational Bulletin: Ensure Access to Management Interface is Secured - https://security.paloaltonetworks.com/PAN-SA-2024-0015
Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns -...
Published 11/11/24
[Episode References]
BlueNoroff Hidden Risk | Threat Actor Targets Macs with Fake Crypto News and Novel Persistence - https://www.sentinelone.com/labs/bluenoroff-hidden-risk-threat-actor-targets-macs-with-fake-crypto-news-and-novel-persistence/
The Lazarus Heist - https://www.bbc.co.uk/programmes/w13xtvg9/episodes/downloads
GuLoader: Evolving Tactics in Latest Campaign Targeting European Industry -...
Published 11/08/24
[Episode References]
Tempest Academy Conference 2024 - https://www.tempest.com.br/tempest_talk/tempest-academy-conference/
CVE-2024-20418 - Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Command Injection Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-backhaul-ap-cmdinj-R7E28Ecs
Threat Campaign Spreads Winos4.0 Through Game Application -...
Published 11/07/24
[Episode References]
INTERPOL cyber operation takes down 22,000 malicious IP addresses - https://www.interpol.int/News-and-Events/News/2024/INTERPOL-cyber-operation-takes-down-22-000-malicious-IP-addresses
Stable Channel Update for Desktop - Tuesday, November 5, 2024 - https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html
Joint ODNI, FBI, and CISA Statement - https://www.cisa.gov/news-events/news/joint-odni-fbi-and-cisa-statement-1
So far,...
Published 11/06/24
[Episode References]
Tempest Academy Conference 2024 - https://www.tempest.com.br/tempest_talk/tempest-academy-conference/
CRON#TRAP: Emulated Linux Environments as the Latest Tactic in Malware Staging - https://www.securonix.com/blog/crontrap-emulated-linux-environments-as-the-latest-tactic-in-malware-staging/
Android Security Bulletin November 2024 - https://source.android.com/docs/security/bulletin/2024-11-01
Malware Analysis Report - Pygmy Goat -...
Published 11/05/24
[Episode References]
[TREND MICRO IN FORRESTER] - https://www.trendmicro.com/explore/forrester-wave-xdr/01054-v1-en-www
From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code - https://googleprojectzero.blogspot.com/2024/10/from-naptime-to-big-sleep.html
G700 : The Next Generation of Craxs RAT - https://www.cyfirma.com/research/g700-the-next-generation-of-craxs-rat/
The curious case of the 7777-Botnet -...
Published 11/04/24
[Episode References]
LottieFiles tweet about the Lottie-Player compromise - https://x.com/LottieFiles/status/1851848602093777273
Hackers target critical zero-day vulnerability in PTZ cameras - https://www.bleepingcomputer.com/news/security/hackers-target-critical-zero-day-vulnerability-in-ptz-cameras/
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files -...
Published 11/01/24
[Episode References]
Jumpy Pisces Engages in Play Ransomware - https://unit42.paloaltonetworks.com/north-korean-threat-group-play-ransomware/
Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware - https://www.zimperium.com/blog/mishing-in-motion-uncovering-the-evolving-functionality-of-fakecall-malware/
EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files - https://sysdig.com/blog/emeraldwhale/
Крысиный...
Published 10/31/24
[Episode References]
Attacker Abuses Victim Resources to Reap Rewards from Titan Network - https://www.trendmicro.com/en_us/research/24/j/titan-network.html
CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server - https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html
CISA Releases Three Industrial Control Systems...
Published 10/30/24
[Episode References]
Katz and Mouse Game: MaaS Infostealers Adapt to Patched Chrome Defenses - https://www.elastic.co/security-labs/katz-and-mouse-game
Redline, Meta infostealer malware operations seized by police - https://www.bleepingcomputer.com/news/legal/redline-meta-infostealer-malware-operations-seized-by-police/
Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives -...
Published 10/29/24
[Episode References]
An Update on Windows Downdate - https://www.safebreach.com/blog/update-on-windows-downdate-downgrade-attacks/
Introducing a New Vulnerability Class: False File Immutability - https://www.elastic.co/security-labs/false-file-immutability
Joint Statement by FBI and CISA on PRC Activity Targeting Telecommunications - https://www.cisa.gov/news-events/news/joint-statement-fbi-and-cisa-prc-activity-targeting-telecommunications
Chinese Hackers Are Said to...
Published 10/28/24
[Episode References]
New Qilin.B Ransomware Variant Boasts Enhanced Encryption and Defense Evasion - https://www.halcyon.ai/blog/new-qilin-b-ransomware-variant-boasts-enhanced-encryption-and-defense-evasion
CISA Adds Two Known Exploited Vulnerabilities to Catalog - https://www.cisa.gov/news-events/alerts/2024/10/24/cisa-adds-two-known-exploited-vulnerabilities-catalog
AWS CDK Risk: Exploiting a Missing S3 Bucket Allowed Account Takeover -...
Published 10/25/24
[Episode References]
Ada Lovelace Day 2024 - https://www.even3.com.br/ada-lovelace-day-2024-tempest/
FG-IR-24-423 - CVE-2024-47575 - Missing authentication in fgfmsd - https://fortiguard.fortinet.com/psirt/FG-IR-24-423
CVE-2024-47575: Frequently Asked Questions About FortiJump Zero-Day in FortiManager and FortiManager Cloud - https://www.tenable.com/blog/cve-2024-47575-faq-about-fortijump-zero-day-in-fortimanager-fortimanager-cloud
Investigating FortiManager Zero-Day...
Published 10/24/24
[Episode References]
Akira ransomware continues to evolve - https://blog.talosintelligence.com/akira-ransomware-continues-to-evolve/
The Silent Game: Sophisticated threat actors targeting gambling industry - https://www.securityjoes.com/post/the-silent-game-sophisticated-threat-actors-targeting-gambling-industry
Script and presentation: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
Published 10/22/24
[Episode References]
[TREND MICRO IN FORRESTER] - https://www.trendmicro.com/explore/forrester-wave-xdr/01054-v1-en-www
Tricks and Treats: GHOSTPULSE’s new pixel-level deception - https://www.elastic.co/security-labs/tricks-and-treats
Unmasking Lumma Stealer : Analyzing Deceptive Tactics with Fake CAPTCHA - https://blog.qualys.com/vulnerabilities-threat-research/2024/10/20/unmasking-lumma-stealer-analyzing-deceptive-tactics-with-fake-captcha
New Bumblebee Loader...
Published 10/21/24
[Episode References]
Encrypted Symphony: Infiltrating the Cicada3301 Ransomware-as-a-Service Group - https://www.group-ib.com/blog/cicada3301/
New macOS vulnerability, “HM Surf”, could lead to unauthorized data access - https://www.microsoft.com/en-us/security/blog/2024/10/17/new-macos-vulnerability-hm-surf-could-lead-to-unauthorized-data-access/
UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants -...
Published 10/18/24
[Episode References]
AhnLab and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178) - https://asec.ahnlab.com/en/83877/
Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data - https://www.trendmicro.com/en_us/research/24/j/fake-lockbit-real-damage-ransomware-samples-abuse-aws-s3-to-stea.html
Script and presentation: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
Published 10/17/24