562 episodes
Cyber Morning Call Tempest Security Intelligence
-
- Technology
Podcast de cibersegurança produzido pela Tempest com episódios diários, publicados logo pela manhã com aquilo que foi mais relevante nas últimas vinte e quatro horas em termos de novos ataques, vulnerabilidade ou ameaças.
Tudo em menos de dez minutos e traduzido para uma linguagem fácil, produzido para que você possa ajustar o curso do seu dia de modo a tomar as melhores decisões de cibersegurança para sua empresa.
-
Cyber Morning Call - #560 - 11/06/2024
[Referências do Episódio]
TURING DAY 2024 - https://www.even3.com.br/tempest-turing-day-2024/
UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion - https://cloud.google.com/blog/topics/threat-intelligence/unc5537-snowflake-data-theft-extortion/
CVE-2024-29849 - https://github.com/sinsinology/CVE-2024-29849?tab=readme-ov-file -
Cyber Morning Call - #559 - 10/06/2024
[Referências do Episódio]
New Agent Tesla Campaign Targeting Spanish-Speaking People - https://www.fortinet.com/blog/threat-research/new-agent-tesla-campaign-targeting-spanish-speaking-people
Microsoft rolls back ‘dumbest cybersecurity move in a decade’ - https://cyberscoop.com/microsoft-rolls-back-dumbest-cybersecurity-move-in-a-decade/
Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster. - https://doublepulsar.com/recall-stealing-everything-youve-ever-typed-or-viewed-on-your-own-windows-pc-is-now-possible-da3e12e9465e
PHP ADDRESSED CRITICAL RCE FLAW POTENTIALLY IMPACTING MILLIONS OF SERVERS - https://securityaffairs.com/164302/breaking-news/php-critical-rce.html -
Cyber Morning Call - #558 - 07/06/2024
[Referências do Episódio]
Howling at the Inbox: Sticky Werewolf’s Latest Malicious Aviation Attacks - https://blog.morphisec.com/sticky-werewolfs-aviation-attacks
New Gitloker attacks wipe GitHub repos in extortion scheme - https://www.bleepingcomputer.com/news/security/new-gitloker-attacks-wipe-github-repos-in-extortion-scheme/#google_vignette
Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers - https://www.trendmicro.com/en_us/research/24/f/commando-cat-a-novel-cryptojacking-attack-.html
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia -
Cyber Morning Call - #557 - 06/06/2024
[Referências do Episódio]
TargetCompany’s Linux Variant Targets ESXi Environments - https://www.trendmicro.com/en_us/research/24/f/targetcompany-s-linux-variant-targets-esxi-environments.html
RansomHub: New Ransomware has Origins in Older Knight - https://symantec-enterprise-blogs.security.com/threat-intelligence/ransomhub-knight-ransomware
DarkGate switches up its tactics with new payload, email templates - https://blog.talosintelligence.com/darkgate-remote-template-injection/
2024: Old CVEs, New Targets — Active Exploitation of ThinkPHP - https://www.akamai.com/blog/security-research/2024/jun/2024-thinkphp-applications-exploit-1-days-dama-webshell
Operation Crimson Palace: Sophos threat hunting unveils multiple clusters of Chinese state-sponsored activity targeting Southeast Asian government - https://news.sophos.com/en-us/2024/06/05/operation-crimson-palace-sophos-threat-hunting-unveils-multiple-clusters-of-chinese-state-sponsored-activity-targeting-southeast-asia/
Muhstik Malware Targets Message Queuing Services Applications - https://www.aquasec.com/blog/muhstik-malware-targets-message-queuing-services-applications/
Phishing for Gold: Cyber Threats Facing the 2024 Paris Olympics - https://cloud.google.com/blog/topics/threat-intelligence/cyber-threats-2024-paris-olympics/
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia -
Cyber Morning Call - #556 - 05/06/2024
[Referências do Episódio]
Threat Actors’ Systems Can Also Be Exposed and Used by Other Threat Actors - https://asec.ahnlab.com/en/66372/
Cybercriminals Attack Banking Customers In EU With V3B Phishing Kit - https://www.resecurity.com/blog/article/cybercriminals-attack-banking-customers-in-eu-with-v3b-phishing-kit
UNC1151 Strikes Again: Unveiling Their Tactics Against Ukraine’s Ministry of Defence - https://cyble.com/blog/unc1151-strikes-again-unveiling-their-tactics-against-ukraines-ministry-of-defence/
Zyxel security advisory for multiple vulnerabilities in NAS products - https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nas-products-06-04-2024
Five new vulnerabilities found in Zyxel NAS devices (including code execution and privilege escalation) - https://outpost24.com/blog/zyxel-nas-critical-vulnerabilities/
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia -
Cyber Morning Call - #555 - 4/06/2024
[Referências do Episódio]
DarkGate again but... Improved? - https://www.trellix.com/blogs/research/darkgate-again-but-improved/
Hacking Millions of Modems (and Investigating Who Hacked My Modem) - https://samcurry.net/hacking-millions-of-modems
Ransomware Rebounds: Extortion Threat Surges in 2023, Attackers Rely on Publicly Available and Legitimate Tools - https://cloud.google.com/blog/topics/threat-intelligence/ransomware-attacks-surge-rely-on-public-legitimate-tools/
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia