Cyber Morning Call

Tempest Security Intelligence
Podcast Cyber Morning Call

Cybersecurity podcast produced by Tempest with daily episodes, published early in the morning, covering what was most relevant in the last twenty-four hours in terms of new attacks, vulnerabilities or threats. All in under ten minutes and translated into easy-to-understand language, produced so that you can adjust the course of your day and make the best cybersecurity decisions for your company.

  1. 1 DAY AGO

    630 - Earth Baxia, Raptor Train, SambaSpy and a new vuln in GitLab

    [Episode References]

    - Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC - https://www.trendmicro.com/en_us/research/24/i/earth-baxia-spear-phishing-and-geoserver-exploit.html
    - GrimResource - Microsoft Management Console for initial access and evasion - https://www.elastic.co/security-labs/grimresource
    - Hijack Execution Flow: AppDomainManager - https://attack.mitre.org/techniques/T1574/014/
    - Derailing the Raptor Train - https://blog.lumen.com/derailing-the-raptor-train/
    - Exotic SambaSpy is now dancing with Italian users - https://securelist.com/sambaspy-rat-targets-italian-users/113851/
    - GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions - https://thehackernews.com/2024/09/gitlab-patches-critical-saml.html
    - Global Coalition Takes Down New Criminal Communication Platform - https://www.europol.europa.eu/media-press/newsroom/news/global-coalition-takes-down-new-criminal-communication-platform
    - Microsoft: Vanilla Tempest hackers hit healthcare with INC ransomware - https://www.bleepingcomputer.com/news/microsoft/microsoft-vanilla-tempest-hackers-hit-healthcare-with-inc-ransomware/
    - Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors - https://unit42.paloaltonetworks.com/gleaming-pisces-applejeus-poolrat-and-pondrat/
    - WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution - https://blog.sekoia.io/webdav-as-a-service-uncovering-the-infrastructure-behind-emmenhtal-loader-distribution/

    Script and hosting: Carlos Cabral and Bianca Oliveira
    Audio editing: Paulo Arruzzo
    Closing narration: Bianca Garcia

    7min
  2. 2 DAYS AGO

    629 - What could have made Hezbollah's pagers explode?

    [Episode References]

    - Hezbollah blames Israel after pager explosions kill nine and injure thousands in Lebanon - https://www.bbc.com/news/articles/cd7xnelvpepo
    - How did Hezbollah’s pagers explode in Lebanon? - https://www.aljazeera.com/news/2024/9/17/how-did-hezbollahs-pagers-explode-in-lebanon
    - Hezbollah Pagers Explode in Apparent Attack Across Lebanon - https://www.wsj.com/world/middle-east/hundreds-of-hezbollah-operatives-pagers-explode-in-apparent-attack-across-lebanon-cf31cad4
    - Exploding pager analysis, construction company vulnerability, cyberattack job loss - https://open.spotify.com/episode/7uRZpzT8yLejjYbpAyCjoB?si=CpzZ15uyT-y17EaQ50n5CQ
    - Hezbollah pager explosions, if caused by the Mossad, would be a big escalation - https://www.theguardian.com/world/2024/sep/17/hezbollah-pager-explosions-if-caused-by-the-mossad-would-be-a-big-escalation
    - VMSA-2024-0019: VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813) - https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968
    - “Marko Polo” Navigates Uncharted Waters With Infostealer Empire - https://go.recordedfuture.com/hubfs/reports/cta-2024-0917.pdf
    - Storm clouds on the horizon: Resurgence of TeamTNT? - https://www.group-ib.com/blog/teamtnt/
    - An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader - https://cloud.google.com/blog/topics/threat-intelligence/unc2970-backdoor-trojanized-pdf-reader/
    - Code of Conduct: DPRK’s Python-fueled intrusions into secured networks - https://www.elastic.co/security-labs/dprk-code-of-conduct
    - Analysis of Fox Kitten Infrastructure Reveals Unique Host Patterns and Potentially New IOCs - https://censys.com/analysis-of-fox-kitten-infrastructure-reveals-unique-host-patterns-and-potentially-new-iocs/

    Script and hosting: Carlos Cabral and Bianca Oliveira
    Audio editing: Paulo Arruzzo
    Closing narration: Bianca Garcia

    6min
  3. 3 DAYS AGO

    628 - D-Link fixes critical vulns in several devices

    [Episode References]

    - DIR-X4860 / DIR-X5460 / COVR-X1870 :: TWCERT - TVN-202409021 / TVN-202409022 / TVN-202409023 / TVN-202409024 / TVN-202429025 Vulnerabilities reports - https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10412
    - SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks - https://thehackernews.com/2024/09/solarwinds-issues-patch-for-critical.html
    - Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024 - https://securityaffairs.com/168467/hacking/windows-cve-2024-43461-actively-exploited-before-july-2024.html
    - CISA Adds Two Known Exploited Vulnerabilities to Catalog - https://www.cisa.gov/news-events/alerts/2024/09/16/cisa-adds-two-known-exploited-vulnerabilities-catalog
    - CloudImposer: Executing Code on Millions of Google Servers with a Single Malicious Package - https://www.tenable.com/blog/cloudimposer-executing-code-on-millions-of-google-servers-with-a-single-malicious-package
    - About the security content of macOS Sequoia 15 - https://support.apple.com/pt-br/121238
    - About the security content of tvOS 18 - https://support.apple.com/pt-br/121248
    - About the security content of visionOS 2 - https://support.apple.com/pt-br/121249
    - About the security content of watchOS 11 - https://support.apple.com/pt-br/121240
    - About the security content of Safari 18 - https://support.apple.com/pt-br/121241
    - About the security content of Xcode 16 - https://support.apple.com/pt-br/121239
    - About the security content of iOS 17.7 and iPadOS 17.7 - https://support.apple.com/pt-br/121246
    - About the security content of macOS Sonoma 14.7 - https://support.apple.com/pt-br/121247
    - About the security content of macOS Ventura 13.7 - https://support.apple.com/pt-br/121234

    Script and hosting: Carlos Cabral and Bianca Oliveira
    Audio editing: Paulo Arruzzo
    Closing narration: Bianca Garcia

    5min
  4. 4 DAYS AGO

    627 - Attacks exploit new flaw in Ivanti CSA

    [Episode References]

    - [TREND MICRO IN FORRESTER] - https://www.trendmicro.com/explore/forrester-wave-xdr/01054-v1-en-www
    - Security Advisory Ivanti Cloud Service Appliance (CSA) (CVE-2024-8190) - https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190?language=en_US
    - Attacking PowerShell CLIXML Deserialization - https://www.truesec.com/hub/blog/attacking-powershell-clixml-deserialization
    - Gomorrah Stealer v5.1: An In-Depth Analysis of a .NET-Based Malware - https://www.cyfirma.com/research/gomorrah-stealer-v5-1-an-in-depth-analysis-of-a-net-based-malware/
    - CUCKOO SPEAR Part 1: Analyzing NOOPDOOR from an IR Perspective - https://www.cybereason.com/blog/cuckoo-spear-analyzing-noopdoor
    - Stealthy Fileless Attack Targets Attendees of Upcoming US-Taiwan Defense Industry Event - https://cyble.com/blog/stealthy-fileless-attack-targets-attendees-of-us-taiwan-defense-industry-event/
    - Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers - https://thehackernews.com/2024/09/apple-vision-pro-vulnerability-exposed.html
    - Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/distributed-denial-of-truth-ddot-the-mechanics-of-influence-operations-and-the-weaponization-of-social-media/
    - CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability - https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29847-deep-dive-ivanti-endpoint-manager-agentportal-deserialization-of-untrusted-data-remote-code-execution-vulnerability/

    Script and hosting: Carlos Cabral and Bianca Oliveira
    Audio editing: Paulo Arruzzo
    Closing narration: Bianca Garcia

    7min