Cyber Morning Call

By Tempest Security Intelligence

Podcast de cibersegurança produzido pela Tempest com episódios diários, publicados logo pela manhã com aquilo que foi mais relevante nas últimas vinte e quatro horas em termos de novos ataques, vulner... more

· Technology

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Cyber Morning Call:

How many episodes does Cyber Morning Call have?

The podcast currently has 790 episodes available.

Cyber Morning Call episodes:

March 25, 2024 Cyber Morning Call - #509 - 25/03/2024
[Referências do Episódio]
Large-Scale StrelaStealer Campaign in Early 2024 - https://unit42.paloaltonetworks.com/strelastealer-campaign/
APT29 Uses WINELOADER to Target German Political Parties - https://www.mandiant.com/resources/blog/apt29-wineloader-german-political-parties
MOZILLA FIXED FIREFOX ZERO-DAYS EXPLOITED AT PWN2OWN VANCOUVER 2024 - https://securityaffairs.com/160966/hacking/mozilla-fixed-firefox-zero-day-pwn2own-vancouver-2024.html
PWN2OWN VANCOUVER 2024: PARTICIPANTS EARNED $1,132,500 FOR 29 UNIQUE 0-DAYS - https://securityaffairs.com/160901/hacking/pwn2own-vancouver-2024-final-result.html
Apple security releases - https://support.apple.com/en-gb/HT201222

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
...more
4min
March 22, 2024 Cyber Morning Call - #508 - 22/03/2024
[Referências do Episódio]
CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Deep Dive - https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/
New details on TinyTurla’s post-compromise activity reveal full kill chain - https://blog.talosintelligence.com/tinyturla-full-kill-chain/
Entendendo a vulnerabilidade Edge Side Include Injection - https://sidechannel.blog/entendendo-a-vulnerabilidade-edge-side-include-injection/
AcidPour | New Embedded Wiper Variant of AcidRain Appears in Ukraine - https://www.sentinelone.com/labs/acidpour-new-embedded-wiper-variant-of-acidrain-appears-in-ukraine/
Bringing Access Back — Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect - https://www.mandiant.com/resources/blog/initial-access-brokers-exploit-f5-screenconnect

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
...more
6min
March 21, 2024 Cyber Morning Call - #507 - 21/03/2024
[Referências do Episódio]
Advisory on Application-layer Loop DoS Attacks - https://docs.google.com/document/d/1KByZzrdwQhrXGPPCf9tUzERZyRzg0xOpGbWoDURZxTI/edit
Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug - https://thehackernews.com/2024/03/atlassian-releases-fixes-for-over-2.html
Abusing the DHCP Administrators Group to Escalate Privileges in Windows Domains - https://www.akamai.com/blog/security-research/2024/feb/abusing-dhcp-administrators-group-for-privilege-escalation-in-windows-domains

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
...more
5min
March 20, 2024 Cyber Morning Call - #506 - 20/03/2024
[Referências do Episódio]
Unit 42 Collaborative Research With Ukraine’s Cyber Agency To Uncover the Smoke Loader Backdoor - https://unit42.paloaltonetworks.com/unit-42-scpc-ssscip-uncover-smoke-loader-phishing/
The State Cyber Protection Center together with Palo Alto Networks Unit 42 have studied the SmokeLoader malware - https://scpc.gov.ua/en/articles/356
Joint Statement on Efforts to Counter the Proliferation and Misuse of Commercial Spyware - https://www.whitehouse.gov/briefing-room/statements-releases/2024/03/18/joint-statement-on-efforts-to-counter-the-proliferation-and-misuse-of-commercial-spyware/
Securonix Threat Research Security Advisory: Analysis of New DEEP#GOSU Attack Campaign Likely Associated with North Korean Kimsuky Targeting Victims with Stealthy Malware - https://www.securonix.com/blog/securonix-threat-research-security-advisory-new-deepgosu-attack-campaign/
Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks - https://www.trendmicro.com/en_us/research/24/c/earth-krahang.html
New AcidPour wiper targets Linux x86 devices. Is it a Russia’s weapon? - https://securityaffairs.com/160739/cyber-warfare-2/acidpour-wiper.html
PRC State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders - https://www.cisa.gov/resources-tools/resources/prc-state-sponsored-cyber-activity-actions-critical-infrastructure-leaders

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
...more
9min
March 18, 2024 Cyber Morning Call - #505 - 18/03/2024
[Referências do Episódio]
Inside the Rabbit Hole: BunnyLoader 3.0 Unveiled - https://unit42.paloaltonetworks.com/analysis-of-bunnyloader-malware/
CGSI Probes: ShadowSyndicate Group’s Possible Exploitation of Aiohttp Vulnerability (CVE-2024-23334) - https://cyble.com/blog/cgsi-probes-shadowsyndicate-groups-possible-exploitation-of-aiohttp-vulnerability-cve-2024-23334/
Patch para a CVE-2024-23334 no aiohttp - https://github.com/aio-libs/aiohttp/commit/1c335944d6a8b1298baf179b7c0b3069f10c514b
Acoustic Side Channel Attack on Keyboards Based on Typing Patterns - https://arxiv.org/pdf/2403.08740.pdf
PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound - https://www.ndss-symposium.org/wp-content/uploads/2024-618-paper.pdf
PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound - https://www.ndss-symposium.org/wp-content/uploads/2024-618-paper.pdf

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
...more
6min
March 15, 2024 Cyber Morning Call - #504 - 15/03/2024
[Referências do Episódio]
eSim, откройся: эксперты F.A.C.C.T. предупредили о новых атаках на клиентов банков - https://www.facct.ru/media-center/press-releases/esim-bank-attacks/
What a Cluster: Local Volumes Vulnerability in Kubernetes - https://www.akamai.com/blog/security-research/kubernetes-local-volumes-command-injection-vulnerability-rce-system-privileges
CISA Releases Fifteen Industrial Control Systems Advisories - https://www.cisa.gov/news-events/alerts/2024/03/14/cisa-releases-fifteen-industrial-control-systems-advisories

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
...more
5min
March 14, 2024 Cyber Morning Call - #503 - 14/03/2024
[Referências do Episódio]
PixPirate: The Brazilian financial malware you can’t see - https://securityintelligence.com/posts/pixpirate-brazilian-financial-malware/
CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign - https://www.trendmicro.com/en_us/research/24/c/cve-2024-21412--darkgate-operators-exploit-microsoft-windows-sma.html
CVE-2024-21412: Water Hydra Targets Traders With Microsoft Defender SmartScreen Zero-Day - https://www.trendmicro.com/en_us/research/24/b/cve202421412-water-hydra-targets-traders-with-windows-defender-s.html
SVG Files Abused in Emerging Campaigns - https://cofense.com/blog/svg-files-abused-in-emerging-campaigns/

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
...more
5min
March 13, 2024 Cyber Morning Call - #502 - 13/03/2024
[Referências do Episódio]
March 2024 Security Updates - https://msrc.microsoft.com/update-guide/releaseNote/2024-Mar
CVE-2024-21407 - Windows Hyper-V Remote Code Execution Vulnerability - https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21407
CVE-2024-21408 - Windows Hyper-V Denial of Service Vulnerability - https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21408
Ransomware: Attacks Continue to Rise as Operators Adapt to Disruption - https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ransomware-attacks-exploits
CVE-2023-48788 Pervasive SQL injection in DAS component - https://www.fortiguard.com/psirt/FG-IR-24-007
CVE-2023-42789 E CVE-2023-42790 FortiOS & FortiProxy - Out-of-bounds Write in captive portal - https://www.fortiguard.com/psirt/FG-IR-23-328
BIPClip: Malicious PyPI packages target crypto wallet recovery passwords - https://www.reversinglabs.com/blog/bipclip-malicious-pypi-packages-target-crypto-wallet-recovery-passwords

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
...more
4min
March 12, 2024 Cyber Morning Call - #501 - 12/03/2024
[Referências do Episódio]
CVE-2024-21378 — Remote Code Execution in Microsoft Outlook - https://www.netspi.com/blog/technical/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378/
Microsoft Outlook Remote Code Execution Vulnerability - CVE-2024-21378 - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21378
MASSIVE CYBERATTACKS HIT FRENCH GOVERNMENT AGENCIES - https://securityaffairs.com/160374/hacking/massive-cyberattacks-hit-french-government-agencies.html
French state services hit by 'intense' cyberattack, PM's office says - https://www.lemonde.fr/en/pixels/article/2024/03/11/french-state-services-hit-by-intense-cyberattack-pm-s-office-says_6608164_13.html
Guerra da Ucrânia muda comércio mundial de armas - https://www.dw.com/pt-br/guerra-da-ucr%C3%A2nia-muda-com%C3%A9rcio-mundial-de-armas/a-68487575

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
...more
3min
March 11, 2024 Cyber Morning Call - #500 - 11/03/2024
[Referências do Episódio]
Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard - https://msrc.microsoft.com/blog/2024/03/update-on-microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/
CISA forced to take two systems offline last month after Ivanti compromise - https://therecord.media/cisa-takes-two-systems-offline-following-ivanti-compromise
MAGNET GOBLIN TARGETS PUBLICLY FACING SERVERS USING 1-DAY VULNERABILITIES - https://research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities/
Multiple Vulnerabilities in QTS, QuTS hero, QuTScloud, and myQNAPcloud - https://www.qnap.com/en/security-advisory/qsa-24-09

Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
...more
5min

FAQs about Cyber Morning Call:

How many episodes does Cyber Morning Call have?

The podcast currently has 790 episodes available.

More shows like Cyber Morning Call

Tecnocast by Tecnoblog

Tecnocast

43 Listeners

MacMagazine no Ar by MacMagazine.com.br

MacMagazine no Ar

178 Listeners

Xadrez Verbal by Central 3 Podcasts

Xadrez Verbal

169 Listeners

Giro do Loop by Loop Infinito

Giro do Loop

88 Listeners

Petit Journal by Petit Journal

Petit Journal

76 Listeners

Stock Pickers by InfoMoney

Stock Pickers

46 Listeners

Do Zero ao Topo by InfoMoney

Do Zero ao Topo

38 Listeners

O Assunto by G1

O Assunto

155 Listeners

RedCast | O podcast de Segurança da Informação by RedBelt Security

RedCast | O podcast de Segurança da Informação

0 Listeners

Brasil Paralelo | Podcast by Brasil Paralelo

Brasil Paralelo | Podcast

24 Listeners

Não Inviabilize by Déia Freitas

Não Inviabilize

205 Listeners

Os Sócios Podcast by Grupo Primo

Os Sócios Podcast

64 Listeners

UOL Prime by UOL

UOL Prime

38 Listeners

Rádio Novelo Apresenta by Rádio Novelo

Rádio Novelo Apresenta

90 Listeners

IA Sob Controle - Inteligência Artificial by Alura - Hipsters Network

IA Sob Controle - Inteligência Artificial

4 Listeners