Cyber Morning Call

Tempest Security Intelligence

Podcast de cibersegurança produzido pela Tempest com episódios diários, publicados logo pela manhã com aquilo que foi mais relevante nas últimas vinte e quatro horas em termos de novos ataques, vulnerabilidade ou ameaças. Tudo em menos de dez minutos e traduzido para uma linguagem fácil, produzido para que você possa ajustar o curso do seu dia de modo a tomar as melhores decisões de cibersegurança para sua empresa. read less
TecnologiaTecnologia

Episódios

Cyber Morning Call - #561 - 12/06/2024
Ontem
Cyber Morning Call - #561 - 12/06/2024
[Referências do Episódio] June 2024 Security Updates - https://msrc.microsoft.com/update-guide/releaseNote/2024-Jun  ARM ZERO-DAY IN MALI GPU DRIVERS ACTIVELY EXPLOITED IN THE WILD - https://securityaffairs.com/164430/hacking/arm-zero-day-actively-exploited.html  CVE-2024-23110 - Multiple buffer overflows in diag npu command - https://fortiguard.fortinet.com/psirt/FG-IR-23-460  You’ve Got Mail: Critical Microsoft Outlook Vulnerability Executes as Email is Opened - https://blog.morphisec.com/cve-2024-30103-microsoft-outlook-vulnerability  TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers - https://www.bleepingcomputer.com/news/security/tellyouthepass-ransomware-exploits-recent-php-rce-flaw-to-breach-servers/  Dipping into Danger: The WARMCOOKIE backdoor - https://www.elastic.co/security-labs/dipping-into-danger  A Brief History of SmokeLoader, Part 1 - https://www.zscaler.com/blogs/security-research/brief-history-smokeloader-part-1  Aanhoudende statelijke cyberspionagecampagne via kwetsbare edge devices - https://www.ncsc.nl/actueel/nieuws/2024/juni/10/aanhoudende-statelijke-cyberspionagecampagne-via-kwetsbare-edge-devices  Noodle RAT: Reviewing the New Backdoor Used by Chinese-Speaking Groups - https://www.trendmicro.com/en_us/research/24/f/noodle-rat-reviewing-the-new-backdoor-used-by-chinese-speaking-g.html  Roteiro e apresentação: Carlos Cabral e Bianca Oliveira Edição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia
Cyber Morning Call - #557 - 06/06/2024
Há uma semana
Cyber Morning Call - #557 - 06/06/2024
[Referências do Episódio] TargetCompany’s Linux Variant Targets ESXi Environments - https://www.trendmicro.com/en_us/research/24/f/targetcompany-s-linux-variant-targets-esxi-environments.html  RansomHub: New Ransomware has Origins in Older Knight - https://symantec-enterprise-blogs.security.com/threat-intelligence/ransomhub-knight-ransomware  DarkGate switches up its tactics with new payload, email templates - https://blog.talosintelligence.com/darkgate-remote-template-injection/  2024: Old CVEs, New Targets — Active Exploitation of ThinkPHP - https://www.akamai.com/blog/security-research/2024/jun/2024-thinkphp-applications-exploit-1-days-dama-webshell  Operation Crimson Palace: Sophos threat hunting unveils multiple clusters of Chinese state-sponsored activity targeting Southeast Asian government - https://news.sophos.com/en-us/2024/06/05/operation-crimson-palace-sophos-threat-hunting-unveils-multiple-clusters-of-chinese-state-sponsored-activity-targeting-southeast-asia/  Muhstik Malware Targets Message Queuing Services Applications - https://www.aquasec.com/blog/muhstik-malware-targets-message-queuing-services-applications/  Phishing for Gold: Cyber Threats Facing the 2024 Paris Olympics - https://cloud.google.com/blog/topics/threat-intelligence/cyber-threats-2024-paris-olympics/  Roteiro e apresentação: Carlos Cabral e Bianca Oliveira Edição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia
Cyber Morning Call - #548 - 22/05/2024
22-05-2024
Cyber Morning Call - #548 - 22/05/2024
[Referências do Episódio] Fórum da Internet do Brasil - MAIS UMA VÍTIMA NÃO: Tecnologias digitais como forma de promoção e proteção de defensores de direitos humanos no Brasil - https://forumdainternet.cgi.br/agenda/3056 Critical GitHub Enterprise Server Flaw Allows Authentication Bypass - https://thehackernews.com/2024/05/critical-github-enterprise-server-flaw.html Enabling encrypted assertions - https://docs.github.com/en/enterprise-server@3.12/admin/identity-and-access-management/using-saml-for-enterprise-iam/enabling-encrypted-assertions Veeam Backup Enterprise Manager Vulnerabilities (CVE-2024-29849, CVE-2024-29850, CVE-2024-29851, CVE-2024-29852) - https://www.veeam.com/kb4581 SD1672 | IMPORTANT NOTICE: Rockwell Automation Reiterates Customer Guidance to Disconnect Devices from the Internet to Protect from Cyber Threats - https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1672.html Invisible miners: unveiling GHOSTENGINE’s crypto mining operations - https://www.elastic.co/security-labs/invisible-miners-unveiling-ghostengine ANALYSIS AND DETECTION OF CLOUD#REVERSER: AN ATTACK INVOLVING THREAT ACTORS COMPROMISING SYSTEMS USING A SOPHISTICATED CLOUD-BASED MALWARE - https://www.securonix.com/blog/analysis-and-detection-of-cloudreverser-an-attack-involving-threat-actors-compromising-systems-using-a-sophisticated-cloud-based-malware/ RIGHT-TO-LEFT OVERRIDE - https://unicode-explorer.com/c/202E Roteiro e apresentação: Carlos Cabral e Bianca Oliveira Edição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia