Cyber Morning Call Tempest Security Intelligence

[Referências do Episódio]

Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia - https://unit42.paloaltonetworks.com/operation-diplomatic-specter/

SHARP DRAGON EXPANDS TOWARDS AFRICA AND THE CARIBBEAN - https://research.checkpoint.com/2024/sharp-dragon-expands-towards-africa-and-the-caribbean/

ShrinkLocker: Turning BitLocker into ransomware - https://securelist.com/ransomware-abuses-bitlocker/112643/



Roteiro e apresentação: Carlos Cabral e Bianca Oliveira

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

[Referências do Episódio]
Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea - https://www.bitdefender.com/blog/businessinsights/deep-dive-into-unfading-sea-haze-a-new-threat-actor-in-the-south-china-sea/
IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders - https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-orb-networks/

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia

[Referências do Episódio]
Fórum da Internet do Brasil - MAIS UMA VÍTIMA NÃO: Tecnologias digitais como forma de promoção e proteção de defensores de direitos humanos no Brasil - https://forumdainternet.cgi.br/agenda/3056
Critical GitHub Enterprise Server Flaw Allows Authentication Bypass - https://thehackernews.com/2024/05/critical-github-enterprise-server-flaw.html
Enabling encrypted assertions - https://docs.github.com/en/enterprise-server@3.12/admin/identity-and-access-management/using-saml-for-enterprise-iam/enabling-encrypted-assertions
Veeam Backup Enterprise Manager Vulnerabilities (CVE-2024-29849, CVE-2024-29850, CVE-2024-29851, CVE-2024-29852) - https://www.veeam.com/kb4581
SD1672 | IMPORTANT NOTICE: Rockwell Automation Reiterates Customer Guidance to Disconnect Devices from the Internet to Protect from Cyber Threats - https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1672.html
Invisible miners: unveiling GHOSTENGINE’s crypto mining operations - https://www.elastic.co/security-labs/invisible-miners-unveiling-ghostengine
ANALYSIS AND DETECTION OF CLOUD#REVERSER: AN ATTACK INVOLVING THREAT ACTORS COMPROMISING SYSTEMS USING A SOPHISTICATED CLOUD-BASED MALWARE - https://www.securonix.com/blog/analysis-and-detection-of-cloudreverser-an-attack-involving-threat-actors-compromising-systems-using-a-sophisticated-cloud-based-malware/
RIGHT-TO-LEFT OVERRIDE - https://unicode-explorer.com/c/202E

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia

[Referências do Episódio]
Grandoreiro banking trojan unleashed: X-Force observing emerging global ca mpaigns - https://securityintelligence.com/x-force/grandoreiro-banking-trojan-unleashed/
BAD KARMA, NO JUSTICE: VOID MANTICORE DESTRUCTIVE ACTIVITIES IN ISRAEL - https://research.checkpoint.com/2024/bad-karma-no-justice-void-manticore-destructive-activities-in-israel/
Master of Puppets: Uncovering the DoppelGänger pro-Russian influence campaign - https://blog.sekoia.io/master-of-puppets-uncovering-the-doppelganger-pro-russian-influence-campaign/
Tiny BackDoor Goes Undetected – Suspected Turla leveraging MSBuild to Evade detection - https://cyble.com/blog/tiny-backdoor-goes-undetected-suspected-turla-leveraging-msbuild-to-evade-detection/

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia

[Referências do Episódio]
Springtail: New Linux Backdoor Added to Toolkit - https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/springtail-kimsuky-backdoor-espionage
Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID - https://www.elastic.co/security-labs/spring-cleaning-with-latrodectus
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia

[Referências do Episódio]
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware - https://www.microsoft.com/en-us/security/blog/2024/05/15/threat-actors-misusing-quick-assist-in-social-engineering-attacks-leading-to-ransomware/
To the Moon and back(doors): Lunar landing in diplomatic missions - https://www.welivesecurity.com/en/eset-research/moon-backdoors-lunar-landing-diplomatic-missions/
Security Brief: Artificial Sweetener: SugarGh0st RAT Used to Target American Artificial Intelligence Experts - https://www.proofpoint.com/us/blog/threat-insight/security-brief-artificial-sweetener-sugargh0st-rat-used-target-american
Google patches third exploited Chrome zero-day in a week - https://www.bleepingcomputer.com/news/google/google-patches-third-exploited-chrome-zero-day-in-a-week/

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia