652 - Zero-Day no FortiManager está sob ataque
Listen now
Description
[Referências do Episódio] Ada Lovelace Day 2024 - https://www.even3.com.br/ada-lovelace-day-2024-tempest/  FG-IR-24-423 - CVE-2024-47575 - Missing authentication in fgfmsd - https://fortiguard.fortinet.com/psirt/FG-IR-24-423  CVE-2024-47575: Frequently Asked Questions About FortiJump Zero-Day in FortiManager and FortiManager Cloud - https://www.tenable.com/blog/cve-2024-47575-faq-about-fortijump-zero-day-in-fortimanager-fortimanager-cloud  Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575) - https://cloud.google.com/blog/topics/threat-intelligence/fortimanager-zero-day-exploitation-cve-2024-47575/  CVE-2024-20424 - Cisco Secure Firewall Management Center Software Command Injection Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-v3AWDqN7  CVE-2024-20412 - Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5  Threat Spotlight: WarmCookie/BadSpace - https://blog.talosintelligence.com/warmcookie-analysis/  Highlighting TA866/Asylum Ambuscade Activity Since 2021 - https://blog.talosintelligence.com/highlighting-ta866-asylum-ambuscade/  Embargo ransomware: Rock’n’Rust - https://www.welivesecurity.com/en/eset-research/embargo-ransomware-rocknrust/  Roteiro e apresentação: Carlos Cabral e Bianca Oliveira Edição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia
More Episodes
[Referências do Episódio] ⁠Post da Fundação Shadowserver sobre a exploração das falhas no PAN-OS - https://bsky.app/profile/shadowserver.bsky.social/post/3lbh6k7p7pc27  CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) -...
Published 11/22/24
Published 11/22/24
[Referências do Episódio] ⁠About the security content of iOS 18.1.1 and iPadOS 18.1.1⁠ ⁠About the security content of iOS 17.7.2 and iPadOS 17.7.2⁠ ⁠About the security content of macOS Sequoia 15.1.1⁠ ⁠About the security content of visionOS 2.1.1⁠ ⁠About the security content of Safari...
Published 11/21/24