Cyber Morning Call Tempest Security Intelligence
- Technology
Cybersecurity podcast produced by Tempest with daily episodes, published first thing in the morning, covering what was most relevant in the last twenty-four hours in terms of new attacks, vulnerabilities or threats.
All in under ten minutes and translated into accessible language, produced so that you can adjust the course of your day and make the best cybersecurity decisions for your company.
Cyber Morning Call - #570 - 25/06/2024
[Episode References]
Chinese State-Sponsored RedJuliett Intensifies Taiwanese Cyber Espionage via Network Perimeter Exploitation - https://www.recordedfuture.com/redjuliett-intensifies-taiwanese-cyber-espionage-via-network-perimeter
Probllama: Ollama Remote Code Execution Vulnerability (CVE-2024-37032) – Overview and Mitigations - https://www.wiz.io/blog/probllama-ollama-vulnerability-cve-2024-37032
XZ backdoor: Hook analysis - https://securelist.com/xz-backdoor-part-3-hooking-ssh/113007/
Script and hosting: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
Cyber Morning Call - #569 - 24/06/2024
[Episode References]
SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques - https://blog.talosintelligence.com/sneakychef-sugarghost-rat/
Unveiling SpiceRAT: SneakyChef's latest tool targeting EMEA and Asia - https://blog.talosintelligence.com/new-spicerat-sneakychef/
Sustained Campaign Using Chinese Espionage Tools Targets Telcos - https://symantec-enterprise-blogs.security.com/threat-intelligence/telecoms-espionage-asia
ANALYSIS OF PHANTOM#SPIKE: ATTACKERS LEVERAGING CHM FILES TO RUN CUSTOM CSHARP BACKDOORS LIKELY TARGETING VICTIMS ASSOCIATED WITH PAKISTAN - https://www.securonix.com/blog/analysis-of-phantomspike-attackers-leveraging-chm-files-to-run-custom-csharp-backdoors-likely-targeting-victims-associated-with-pakistan/
Script and hosting: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
Cyber Morning Call - #568 - 21/06/2024
[Episode References]
UEFICANHAZBUFFEROVERFLOW: WIDESPREAD IMPACT FROM VULNERABILITY IN POPULAR PC AND SERVER FIRMWARE - https://eclypsium.com/blog/ueficanhazbufferoverflow-widespread-impact-from-vulnerability-in-popular-pc-and-server-firmware/
SolarWinds Serv-U path traversal flaw actively exploited in attacks - https://www.bleepingcomputer.com/news/security/solarwinds-serv-u-path-traversal-flaw-actively-exploited-in-attacks/
SolarWinds Serv-U Directory Transversal Vulnerability (CVE-2024-28995) - https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995
CVE-2024-28995 - https://attackerkb.com/topics/2k7UrkHyl3/cve-2024-28995/rapid7-analysis
SolarWinds Serv-U (CVE-2024-28995) exploitation: We see you! - https://www.labs.greynoise.io/grimoire/2024-06-solarwinds-serv-u/
RAFEL RAT, ANDROID MALWARE FROM ESPIONAGE TO RANSOMWARE OPERATIONS - https://research.checkpoint.com/2024/rafel-rat-android-malware-from-espionage-to-ransomware-operations/
Script and hosting: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
Cyber Morning Call - #567 - 20/06/2024
[Episode References]
IT'S TODAY!!!! TURING DAY 2024 - https://www.even3.com.br/tempest-turing-day-2024/
LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations - https://cybersecurity.att.com/blogs/labs-research/highly-evasive-squidloader-targets-chinese-organizations
AN UNPATCHED BUG ALLOWS ANYONE TO IMPERSONATE MICROSOFT CORPORATE EMAIL ACCOUNTS - https://securityaffairs.com/164675/hacking/expert-warns-of-a-spoofing-bug.html
Thread about the possible Outlook flaw - https://x.com/slonser_/status/1801521692314927433
Fickle Stealer Distributed via Multiple Attack Chain - https://www.fortinet.com/blog/threat-research/fickle-stealer-distributed-via-multiple-attack-chain
Script and hosting: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
Cyber Morning Call - #566 - 19/06/2024
[Episode References]
TURING DAY 2024 - https://www.even3.com.br/tempest-turing-day-2024/
Behind the Great Wall: Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework - https://www.trendmicro.com/en_us/research/24/f/behind-the-great-wall-void-arachne-targets-chinese-speaking-user.html
The Swarm Descends: Zergeca Botnet Analysis Report - https://blog.xlab.qianxin.com/the-swarm-awakens-a-deep-dive-into-the-zergeca-botnet-cn/
ExCobalt: GoRed, the hidden-tunnel technique - https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/excobalt-gored-the-hidden-tunnel-technique/
New Diamorphine rootkit variant seen undetected in the wild - https://decoded.avast.io/davidalvarez/new-diamorphine-rootkit-variant-seen-undetected-in-the-wild/
Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion - https://www.trellix.com/blogs/research/how-attackers-repackaged-a-threat-into-something-that-looked-benign/
Rising Wave of QR Code Phishing Attacks: Chinese Citizens Targeted Using Fake Official Documents - https://cyble.com/blog/rising-wave-of-qr-code-phishing-attacks-chinese-citizens-targeted-using-fake-official-documents/
Cloaked and Covert: Uncovering UNC3886 Espionage Operations - https://cloud.google.com/blog/topics/threat-intelligence/uncovering-unc3886-espionage-operations/
Script and hosting: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
Cyber Morning Call - #565 - 18/06/2024
[Episode References]
TURING DAY 2024 - https://www.even3.com.br/tempest-turing-day-2024/
China-Nexus Threat Group ‘Velvet Ant’ Abuses F5 Load Balancers for Persistence - https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/
VMSA-2024-0012: VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-37079, CVE-2024-37080, CVE-2024-37081) - https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453
Script and hosting: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia