569 episodes
Cyber Morning Call Tempest Security Intelligence
-
- Technology
Podcast de cibersegurança produzido pela Tempest com episódios diários, publicados logo pela manhã com aquilo que foi mais relevante nas últimas vinte e quatro horas em termos de novos ataques, vulnerabilidade ou ameaças.
Tudo em menos de dez minutos e traduzido para uma linguagem fácil, produzido para que você possa ajustar o curso do seu dia de modo a tomar as melhores decisões de cibersegurança para sua empresa.
-
Cyber Morning Call - #567 - 20/06/2024
[Referências do Episódio]
É HOJE!!!! TURING DAY 2024 - https://www.even3.com.br/tempest-turing-day-2024/
LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations - https://cybersecurity.att.com/blogs/labs-research/highly-evasive-squidloader-targets-chinese-organizations
AN UNPATCHED BUG ALLOWS ANYONE TO IMPERSONATE MICROSOFT CORPORATE EMAIL ACCOUNTS - https://securityaffairs.com/164675/hacking/expert-warns-of-a-spoofing-bug.html
Thread sobre a possível falha no Outlook - https://x.com/slonser_/status/1801521692314927433
Fickle Stealer Distributed via Multiple Attack Chain - https://www.fortinet.com/blog/threat-research/fickle-stealer-distributed-via-multiple-attack-chain
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia -
Cyber Morning Call - #566 - 19/06/2024
[Referências do Episódio]
TURING DAY 2024 - https://www.even3.com.br/tempest-turing-day-2024/
Behind the Great Wall: Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework - https://www.trendmicro.com/en_us/research/24/f/behind-the-great-wall-void-arachne-targets-chinese-speaking-user.html
虫潮降临:Zergeca僵尸网络分析报告 - https://blog.xlab.qianxin.com/the-swarm-awakens-a-deep-dive-into-the-zergeca-botnet-cn/
ExCobalt: GoRed, the hidden-tunnel technique - https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/excobalt-gored-the-hidden-tunnel-technique/
New Diamorphine rootkit variant seen undetected in the wild - https://decoded.avast.io/davidalvarez/new-diamorphine-rootkit-variant-seen-undetected-in-the-wild/
Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion - https://www.trellix.com/blogs/research/how-attackers-repackaged-a-threat-into-something-that-looked-benign/
Rising Wave of QR Code Phishing Attacks: Chinese Citizens Targeted Using Fake Official Documents - https://cyble.com/blog/rising-wave-of-qr-code-phishing-attacks-chinese-citizens-targeted-using-fake-official-documents/
Cloaked and Covert: Uncovering UNC3886 Espionage Operations - https://cloud.google.com/blog/topics/threat-intelligence/uncovering-unc3886-espionage-operations/
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia -
Cyber Morning Call - #565 - 18/06/2024
[Referências do Episódio]
TURING DAY 2024 - https://www.even3.com.br/tempest-turing-day-2024/
China-Nexus Threat Group ‘Velvet Ant’ Abuses F5 Load Balancers for Persistence - https://www.sygnia.co/blog/china-nexus-threat-group-velvet-ant/
VMSA-2024-0012:VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-37079, CVE-2024-37080, CVE-2024-37081) - https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia -
Cyber Morning Call - #564 - 17/06/2024
[Referências do Episódio]
TURING DAY 2024 - https://www.even3.com.br/tempest-turing-day-2024/
From Clipboard to Compromise: A PowerShell Self-Pwn - https://www.proofpoint.com/us/blog/threat-insight/clipboard-compromise-powershell-self-pwn
CVE-2024-3080 - ASUS 路由器 - Improper Authentication - https://www.twcert.org.tw/tw/cp-132-7859-0e104-1.html
CVE-2024-3912 - ASUS 路由器 - Upload arbitrary firmware - https://www.twcert.org.tw/tw/cp-132-7875-872d3-1.html
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia -
Cyber Morning Call - #563 - 14/06/2024
[Referências do Episódio]
TURING DAY 2024 - https://www.even3.com.br/tempest-turing-day-2024/
There Are No Secrets || Exploiting Veeam CVE-2024-29855 - https://summoning.team/blog/veeam-recovery-orchestrator-auth-bypass-cve-2024-29855/
UNC3944 Targets SaaS Applications - https://cloud.google.com/blog/topics/threat-intelligence/unc3944-targets-saas-applications/
Operation Celestial Force employs mobile and desktop malware to target Indian entities - https://blog.talosintelligence.com/cosmic-leopard/
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia -
Cyber Morning Call - #562 - 13/06/2024
[Referências do Episódio]
TURING DAY 2024 - https://www.even3.com.br/tempest-turing-day-2024/
Insights on Cyber Threats Targeting Users and Enterprises in Brazil - https://cloud.google.com/blog/topics/threat-intelligence/cyber-threats-targeting-brazil/
Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day - https://symantec-enterprise-blogs.security.com/threat-intelligence/black-basta-ransomware-zero-day
CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability - https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29824-deep-dive-ivanti-epm-sql-injection-remote-code-execution-vulnerability/
Security Advisory May 2024 - https://forums.ivanti.com/s/article/Security-Advisory-May-2024?language=en_US
Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day - https://thehackernews.com/2024/06/google-warns-of-pixel-firmware-security.html
Атакували провідне підприємство у Нідерландах та Бельгії: поліцейські викрили пособника російських хакерів - https://cyberpolice.gov.ua/news/atakuvaly-providne-pidpryyemstvo-u-niderlandax-ta-belgiyi-policzejski-vykryly-posobnyka-rosijskyx-xakeriv-4010/
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia