[Referências do Episódio]

CISA Adds Six Known Exploited Vulnerabilities to Catalog - https://www.cisa.gov/news-events/alerts/2023/11/13/cisa-adds-six-known-exploited-vulnerabilities-catalog

#StopRansomware: Royal Ransomware - https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-061a

Ddostf DDoS Bot Malware Attacking MySQL Servers - https://asec.ahnlab.com/en/58878/ 

In-Depth Analysis of July 2023 Exploit Chain Featuring CVE-2023-36884 and CVE-2023-36584 - https://unit42.paloaltonetworks.com/new-cve-2023-36584-discovered-in-attack-chain-used-by-russian-apt/ 

Roteiro e apresentação: Carlos Cabral

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

[Referências do Episódio]

Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack - https://www.huntress.com/blog/third-party-pharmaceutical-vendor-linked-to-pharmacy-and-health-clinic-cyberattack

BiBi Wiper Used in the Israel-Hamas War Now Runs on Windows - https://blogs.blackberry.com/en/2023/11/bibi-wiper-used-in-the-israel-hamas-war-now-runs-on-windows

NORTH KOREA-LINKED APT SAPPHIRE SLEET TARGETS IT JOB SEEKERS WITH BOGUS SKILLS ASSESSMENT PORTALS - https://securityaffairs.com/154082/apt/sapphire-sleet-apt-targets-it-job-seekers.html

Roteiro e apresentação: Carlos Cabral

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

[Referências do Episódio]

Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks - https://www.bleepingcomputer.com/news/security/microsoft-sysaid-zero-day-flaw-exploited-in-clop-ransomware-attacks/

SysAid On-Prem Software CVE-2023-47246 Vulnerability - https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification

Hive Ransomware's Offspring: Hunters International Takes the Stage - https://www.bitdefender.com/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

IMPERIAL KITTEN Deploys Novel Malware Families in Middle East-Focused Operations - https://www.crowdstrike.com/blog/imperial-kitten-deploys-novel-malware-families/

Roteiro e apresentação: Carlos Cabral

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

[Referências do Episódio]

Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology - https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology

Warning Against Phobos Ransomware Distributed via Vulnerable RDP - https://asec.ahnlab.com/en/58753/

Python obfuscation traps - https://checkmarx.com/blog/python-obfuscation-traps/

Roteiro e apresentação: Carlos Cabral

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

[Referências do Episódio]

BlueNoroff strikes again with new macOS malware - https://www.jamf.com/blog/bluenoroff-strikes-again-with-new-macos-malware/

Ransomware manager: Investigation into farnetwork, a threat actor linked to five strains of ransomware - https://www.group-ib.com/blog/farnetwork/

Chinese APT Targeting Cambodian Government - https://unit42.paloaltonetworks.com/chinese-apt-linked-to-cambodia-government-attacks/

Roteiro e apresentação: Carlos Cabral

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

[Referências do Episódio]

Agonizing Serpens (Aka Agrius) Targeting the Israeli Higher Education and Tech Sectors - https://unit42.paloaltonetworks.com/agonizing-serpens-targets-israeli-tech-higher-ed-sectors/ 

Rapid7-Observed Exploitation of Atlassian Confluence CVE-2023-22518 - https://www.rapid7.com/blog/post/2023/11/06/etr-rapid7-observed-exploitation-of-atlassian-confluence-cve-2023-22518/ 

CVE-2023-38547 | CVE-2023-38548 | CVE-2023-38549 | CVE-2023-41723 - https://www.veeam.com/kb4508 

Jupyter Rising: An Update on Jupyter Infostealer - https://blogs.vmware.com/security/2023/11/jupyter-rising-an-update-on-jupyter-infostealer.html 

Roteiro e apresentação: Carlos Cabral

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

[Referências do Episódio]

Looney Tunables Vulnerability Exploited by Kinsing - https://blog.aquasec.com/loony-tunables-vulnerability-exploited-by-kinsing 

WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users - https://securelist.com/spyware-whatsapp-mod/110984/ 

New Microsoft Exchange zero-days allow RCE, data theft attacks - https://www.bleepingcomputer.com/news/microsoft/new-microsoft-exchange-zero-days-allow-rce-data-theft-attacks/ 

Unveiling Socks5Systemz: The Rise of a New Proxy Service via PrivateLoader and Amadey - https://www.bitsight.com/blog/unveiling-socks5systemz-rise-new-proxy-service-privateloader-and-amadey

Roteiro e apresentação: Carlos Cabral

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

[Referências do Episódio]

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Confluence Server - https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-confluence-server-1311473907.html

FROM ALBANIA TO THE MIDDLE EAST: THE SCARRED MANTICORE IS LISTENING - https://research.checkpoint.com/2023/from-albania-to-the-middle-east-the-scarred-manticore-is-listening/

Massive cybercrime URL shortening service uncovered via DNS data - https://www.bleepingcomputer.com/news/security/massive-cybercrime-url-shortening-service-uncovered-via-dns-data/

Prolific Puma: Shadowy Link Shortening Service Enables Cybercrime - https://blogs.infoblox.com/cyber-threat-intelligence/prolific-puma-shadowy-link-shortening-service-enables-cybercrime/

IAmReboot: Malicious NuGet packages exploit loophole in MSBuild integrations - https://www.reversinglabs.com/blog/iamreboot-malicious-nuget-packages-exploit-msbuild-loophole

EXPERTS RELEASED POC EXPLOIT CODE FOR CISCO IOS XE FLAW CVE-2023-20198 - https://securityaffairs.com/153285/hacking/cisco-ios-xe-cve-2023-20198-poc.html

Investigation of Session Hijacking via Citrix NetScaler ADC and Gateway Vulnerability (CVE-2023-4966) - https://www.mandiant.com/resources/blog/session-hijacking-citrix-cve-2023-4966 

Roteiro e apresentação: Carlos Cabral

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

[Referências do Episódio]

- Three new NGINX ingress controller vulnerabilities reported and how they affect Kubernetes - https://www.armosec.io/blog/cve-2023-5043-nginx-ingress/

- K000137353: BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747 - https://my.f5.com/manage/s/article/K000137353

- A cascade of compromise: unveiling Lazarus’ new campaign - https://securelist.com/unveiling-lazarus-new-campaign/110888/

- Ukrainian hackers disrupt internet providers in Russia-occupied territories - https://therecord.media/ukranian-hackers-disrupt-internet-providers-crimea 

Roteiro e apresentação: Carlos Cabral 

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

[Referências do Episódio]

- iLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices - https://ileakage.com/files/ileakage.pdf

- DDoS threat report for 2023 Q3 - https://blog.cloudflare.com/ddos-threat-report-2023-q3/

- StripedFly worming miner hides sophisticated code and espionage-ready capabilities - https://usa.kaspersky.com/about/press-releases/2023_stripedfly-a-worming-miner-hiding-sophisticated-code-and-espionage-ready-capabilities

- CAMPAGNES D'ATTAQUES DU MODE OPÉRATOIRE APT28 DEPUIS 2021 - https://www.cert.ssi.gouv.fr/uploads/CERTFR-2023-CTI-009.pdf

Roteiro e apresentação: Carlos Cabral 

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia