666 - Patch Tuesday: Microsoft corrige 4 zero-days
Listen now
Description
[Referências do Episódio]
November 2024 Security Updates - https://msrc.microsoft.com/update-guide/releaseNote/2024-Nov
APSB24-77 : Security update available for Adobe Bridge - https://helpx.adobe.com/security/products/bridge/apsb24-77.html
APSB24-83 : Security update available for Adobe Audition - https://helpx.adobe.com/security/products/audition/apsb24-83.html
APSB24-85 : Security update available for Adobe After Effects - https://helpx.adobe.com/security/products/after_effects/apsb24-85.html
APSB24-86 : Security update available for Adobe Substance 3D Painter - https://helpx.adobe.com/security/products/substance3d_painter/apsb24-86.html
APSB24-87 : Security update available for Adobe Illustrator - https://helpx.adobe.com/security/products/illustrator/apsb24-87.html
APSB24-88 : Security update available for Adobe InDesign - https://helpx.adobe.com/security/products/indesign/apsb24-88.html
APSB24-89 : Security update available for Adobe Photoshop - https://helpx.adobe.com/security/products/photoshop/apsb24-89.html
APSB24-90 : Security update available for Adobe Commerce - https://helpx.adobe.com/security/products/magento/apsb24-90.html
FG-IR-24-199 - Named Pipes Improper Access Control - https://fortiguard.fortinet.com/psirt/FG-IR-24-199
FG-IR-24-144 - Privilege escalation via lua auto patch function - https://fortiguard.fortinet.com/psirt/FG-IR-24-144
FG-IR-23-475 - FortiOS - SSLVPN session hijacking using SAML authentication - https://fortiguard.fortinet.com/psirt/FG-IR-23-475
FG-IR-23-396 - Readonly users could run some sensitive operations - https://fortiguard.fortinet.com/psirt/FG-IR-23-396
(non-US) DSL-6740C :: All H/W Revisions :: End-of-Life / End-of-Service :: CVE-2024-11068 - Unauthorized Configuration Access Vulnerability - https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10414
APT Actors Embed Malware within macOS Flutter Applications - https://www.jamf.com/blog/jamf-threat-labs-apt-actors-embed-malware-within-macos-flutter-applications/
ModeLeak: Privilege Escalation to LLM Model Exfiltration in Vertex AI - https://unit42.paloaltonetworks.com/privilege-escalation-llm-model-exfil-vertex-ai/
Hamas-affiliated Threat Actor WIRTE Continues its Middle East Operations and Moves to Disruptive Activity - https://research.checkpoint.com/2024/hamas-affiliated-threat-actor-expands-to-disruptive-activity/
LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign - https://blogs.blackberry.com/en/2024/11/lightspy-apt41-deploys-advanced-deepdata-framework-in-targeted-southern-asia-espionage-campaign
Visionaries Have Democratised Remote Network Access - Citrix Virtual Apps and Desktops (CVE Unknown) - https://labs.watchtowr.com/visionaries-at-citrix-have-democratised-remote-network-access-citrix-virtual-apps-and-desktops-cve-unknown/
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
More Episodes
[Referências do Episódio]
Post da Fundação Shadowserver sobre a exploração das falhas no PAN-OS - https://bsky.app/profile/shadowserver.bsky.social/post/3lbh6k7p7pc27
CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) -...
Published 11/22/24
Published 11/22/24
[Referências do Episódio]
About the security content of iOS 18.1.1 and iPadOS 18.1.1
About the security content of iOS 17.7.2 and iPadOS 17.7.2
About the security content of macOS Sequoia 15.1.1
About the security content of visionOS 2.1.1
About the security content of Safari...
Published 11/21/24
Links
Twitter
Facebook
Instagram
Patreon
Genres
Artwork or description wrong?
Request an update »
Updates may take a few minutes.
Do you host a podcast?
Track your ranks and reviews from Spotify, Apple Podcasts and more.
