Cyber Morning Call

Tempest Security Intelligence
Cyber Morning Call Podcast

Cybersecurity podcast produced by Tempest with daily episodes, published first thing in the morning, covering what was most relevant in the last twenty-four hours in terms of new attacks, vulnerabilities or threats. All in under ten minutes and translated into easy-to-follow language, produced so that you can adjust the course of your day and make the best cybersecurity decisions for your company.

  1. -9 T

    634 - BBTok banking trojan uses DANFE as its attack lure

    [Episode References]

    - BBTok Targeting Brazil: Deobfuscating the .NET Loader with dnlib and PowerShell - https://www.gdatasoftware.com/blog/2024/09/38039-bbtok-deobfuscating-net-loader#c235408
    - SilentSelfie: Uncovering a major watering hole campaign against Kurdish websites - https://blog.sekoia.io/silentselfie-uncovering-a-major-watering-hole-campaign-against-kurdish-websites/
    - LummaC2: Obfuscation Through Indirect Control Flow - https://cloud.google.com/blog/topics/threat-intelligence/lummac2-obfuscation-through-indirect-control-flow/
    - Inside the Dragon: DragonForce Ransomware Group - https://www.group-ib.com/blog/dragonforce-ransomware/
    - Mist: RADIUS Protocol Vulnerability (Blast-RADIUS) (CVE-2024-3596) - https://supportportal.juniper.net/s/article/Mist-RADIUS-Protocol-Vulnerability-Blast-RADIUS-CVE-2024-3596?language=en_US
    - Cisco Catalyst SD-WAN Routers Denial of Service Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-utd-dos-hDATqxs
    - Cisco IOS XE Software for Wireless Controllers CWA Pre-Authentication ACL Bypass Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-cwa-acl-nPSbHSnA
    - Cisco Catalyst Center Static SSH Host Key Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj
    - Cisco IOS XE Software IPv4 Fragmentation Reassembly Denial of Service Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cpp-vfr-dos-nhHKGgO
    - Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rsvp-dos-OypvgVZf
    - Cisco IOS XE Software Protocol Independent Multicast Denial of Service Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pim-APbVfySJ
    - Cisco IOS Software on Cisco Industrial Ethernet Series Switches Access Control List Bypass Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-repacl-9eXgnBpD
    - Cisco IOS and IOS XE Software Web UI Cross-Site Request Forgery Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-webui-HfwnRgk
    - Cisco IOS XE Software SD-Access Fabric Edge Node Denial of Service Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sda-edge-dos-MBcbG9k
    - Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-csrf-ycUYxkKO
    - Cisco IOS XE Software HTTP Server Telephony Services Denial of Service Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-httpsrvr-dos-yOZThut
    - Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023 - https://web-assets.esetstatic.com/wls/en/papers/white-papers/cyberespionage-gamaredon-way.pdf
    - From 12 to 21: how we discovered connections between the Twelve and BlackJack groups - https://securelist.com/blackjack-hacktivists-connection-with-twelve/113959/

    Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

    6 min
  2. 19. SEP.

    630 - Earth Baxia, Raptor Train, SambaSpy and a new vuln in GitLab

    [Episode References]

    - Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC - https://www.trendmicro.com/en_us/research/24/i/earth-baxia-spear-phishing-and-geoserver-exploit.html
    - GrimResource - Microsoft Management Console for initial access and evasion - https://www.elastic.co/security-labs/grimresource
    - Hijack Execution Flow: AppDomainManager - https://attack.mitre.org/techniques/T1574/014/
    - Derailing the Raptor Train - https://blog.lumen.com/derailing-the-raptor-train/
    - Exotic SambaSpy is now dancing with Italian users - https://securelist.com/sambaspy-rat-targets-italian-users/113851/
    - GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions - https://thehackernews.com/2024/09/gitlab-patches-critical-saml.html
    - Global Coalition Takes Down New Criminal Communication Platform - https://www.europol.europa.eu/media-press/newsroom/news/global-coalition-takes-down-new-criminal-communication-platform
    - Microsoft: Vanilla Tempest hackers hit healthcare with INC ransomware - https://www.bleepingcomputer.com/news/microsoft/microsoft-vanilla-tempest-hackers-hit-healthcare-with-inc-ransomware/
    - Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors - https://unit42.paloaltonetworks.com/gleaming-pisces-applejeus-poolrat-and-pondrat/
    - WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution - https://blog.sekoia.io/webdav-as-a-service-uncovering-the-infrastructure-behind-emmenhtal-loader-distribution/

    Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

    7 min
  3. 18. SEP.

    629 - What could have made Hezbollah's pagers explode?

    [Episode References]

    - Hezbollah blames Israel after pager explosions kill nine and injure thousands in Lebanon - https://www.bbc.com/news/articles/cd7xnelvpepo
    - How did Hezbollah’s pagers explode in Lebanon? - https://www.aljazeera.com/news/2024/9/17/how-did-hezbollahs-pagers-explode-in-lebanon
    - Hezbollah Pagers Explode in Apparent Attack Across Lebanon - https://www.wsj.com/world/middle-east/hundreds-of-hezbollah-operatives-pagers-explode-in-apparent-attack-across-lebanon-cf31cad4
    - Exploding pager analysis, construction company vulnerability, cyberattack job loss - https://open.spotify.com/episode/7uRZpzT8yLejjYbpAyCjoB?si=CpzZ15uyT-y17EaQ50n5CQ
    - Hezbollah pager explosions, if caused by the Mossad, would be a big escalation - https://www.theguardian.com/world/2024/sep/17/hezbollah-pager-explosions-if-caused-by-the-mossad-would-be-a-big-escalation
    - VMSA-2024-0019: VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813) - https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968
    - “Marko Polo” Navigates Uncharted Waters With Infostealer Empire - https://go.recordedfuture.com/hubfs/reports/cta-2024-0917.pdf
    - Storm clouds on the horizon: Resurgence of TeamTNT? - https://www.group-ib.com/blog/teamtnt/
    - An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader - https://cloud.google.com/blog/topics/threat-intelligence/unc2970-backdoor-trojanized-pdf-reader/
    - Code of Conduct: DPRK’s Python-fueled intrusions into secured networks - https://www.elastic.co/security-labs/dprk-code-of-conduct
    - Analysis of Fox Kitten Infrastructure Reveals Unique Host Patterns and Potentially New IOCs - https://censys.com/analysis-of-fox-kitten-infrastructure-reveals-unique-host-patterns-and-potentially-new-iocs/

    Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

    6 min
  4. 17. SEP.

    628 - D-Link fixes critical vulns in several devices

    [Episode References]

    - DIR-X4860 / DIR-X5460 / COVR-X1870 :: TWCERT - TVN-202409021 / TVN-202409022 / TVN-202409023 / TVN-202409024 / TVN-202429025 Vulnerabilities reports - https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10412
    - SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks - https://thehackernews.com/2024/09/solarwinds-issues-patch-for-critical.html
    - Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024 - https://securityaffairs.com/168467/hacking/windows-cve-2024-43461-actively-exploited-before-july-2024.html
    - CISA Adds Two Known Exploited Vulnerabilities to Catalog - https://www.cisa.gov/news-events/alerts/2024/09/16/cisa-adds-two-known-exploited-vulnerabilities-catalog
    - CloudImposer: Executing Code on Millions of Google Servers with a Single Malicious Package - https://www.tenable.com/blog/cloudimposer-executing-code-on-millions-of-google-servers-with-a-single-malicious-package
    - About the security content of macOS Sequoia 15 - https://support.apple.com/pt-br/121238
    - About the security content of tvOS 18 - https://support.apple.com/pt-br/121248
    - About the security content of visionOS 2 - https://support.apple.com/pt-br/121249
    - About the security content of watchOS 11 - https://support.apple.com/pt-br/121240
    - About the security content of Safari 18 - https://support.apple.com/pt-br/121241
    - About the security content of Xcode 16 - https://support.apple.com/pt-br/121239
    - About the security content of iOS 17.7 and iPadOS 17.7 - https://support.apple.com/pt-br/121246
    - About the security content of macOS Sonoma 14.7 - https://support.apple.com/pt-br/121247
    - About the security content of macOS Ventura 13.7 - https://support.apple.com/pt-br/121234

    Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

    5 min
  5. 16. SEP.

    627 - Attacks exploit new flaw in Ivanti CSA

    [Episode References]

    - [TREND MICRO IN FORRESTER] - https://www.trendmicro.com/explore/forrester-wave-xdr/01054-v1-en-www
    - Security Advisory Ivanti Cloud Service Appliance (CSA) (CVE-2024-8190) - https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190?language=en_US
    - Attacking PowerShell CLIXML Deserialization - https://www.truesec.com/hub/blog/attacking-powershell-clixml-deserialization
    - Gomorrah Stealer v5.1: An In-Depth Analysis of a .NET-Based Malware - https://www.cyfirma.com/research/gomorrah-stealer-v5-1-an-in-depth-analysis-of-a-net-based-malware/
    - CUCKOO SPEAR Part 1: Analyzing NOOPDOOR from an IR Perspective - https://www.cybereason.com/blog/cuckoo-spear-analyzing-noopdoor
    - Stealthy Fileless Attack Targets Attendees of Upcoming US-Taiwan Defense Industry Event - https://cyble.com/blog/stealthy-fileless-attack-targets-attendees-of-us-taiwan-defense-industry-event/
    - Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers - https://thehackernews.com/2024/09/apple-vision-pro-vulnerability-exposed.html
    - Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/distributed-denial-of-truth-ddot-the-mechanics-of-influence-operations-and-the-weaponization-of-social-media/
    - CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability - https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29847-deep-dive-ivanti-endpoint-manager-agentportal-deserialization-of-untrusted-data-remote-code-execution-vulnerability/

    Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

    7 min
