[Referências do Episódio]

- FG-IR-23-074 - FortiNAC - java untrusted object deserialization RCE - https://www.fortiguard.com/psirt/FG-IR-23-074 

- CWE-502: Deserialization of Untrusted Data - https://cwe.mitre.org/data/definitions/502.html 

- An Overview of the Different Versions of the Trigona Ransomware - https://www.trendmicro.com/en_us/research/23/f/an-overview-of-the-trigona-ransomware.html

- PindOS: New JavaScript Dropper Delivering Bumblebee and IcedID - https://www.deepinstinct.com/blog/pindos-new-javascript-dropper-delivering-bumblebee-and-icedid 

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Contas Laranja: o elo final da lavagem de dinheiro do cibercrime no Brasil - https://sidechannel.blog/contas-laranja-o-elo-final-da-lavagem-de-dinheiro-do-cibercrime-no-brasil/

- IoT devices and Linux-based systems targeted by OpenSSH trojan campaign - https://www.microsoft.com/en-us/security/blog/2023/06/22/iot-devices-and-linux-based-systems-targeted-by-openssh-trojan-campaign/

- ISC Releases Security Advisories for Multiple Versions of BIND 9 - https://www.cisa.gov/news-events/alerts/2023/06/22/isc-releases-security-advisories-multiple-versions-bind-9

- BEYOND THE HORIZON: TRAVELING THE WORLD ON CAMARO DRAGON’S USB FLASH DRIVES - https://research.checkpoint.com/2023/beyond-the-horizon-traveling-the-world-on-camaro-dragons-usb-flash-drives/ 

- VMware - VMSA-2023-0014 - https://www.vmware.com/security/advisories/VMSA-2023-0014.html 

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Graphican: Flea Uses New Backdoor in Attacks Targeting Foreign Ministries - https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/flea-backdoor-microsoft-graph-apt15 

- Ransomware Redefined: RedEnergy Stealer-as-a-Ransomware attacks - https://www.zscaler.com/blogs/security-research/ransomware-redefined-redenergy-stealer-ransomware-attacks 

- VMware - VMSA-2023-0012.2 - https://www.vmware.com/security/advisories/VMSA-2023-0012.html

- Condi DDoS Botnet Spreads via TP-Link's CVE-2023-1389 - https://www.fortinet.com/blog/threat-research/condi-ddos-botnet-spreads-via-tp-links-cve-2023-1389 

- Dissecting TriangleDB, a Triangulation spyware implant - https://securelist.com/triangledb-triangulation-implant/110050/ 

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Turing Day 2023 -  https://www.even3.com.br/turingday2023/

- ASUS Product Security Advisory - https://www.asus.com/content/asus-product-security-advisory/

- Inside of the WASP's nest: deep dive into PyPI-hosted malware - https://blog.virustotal.com/2023/06/inside-of-wasps-nest-deep-dive-into.html 

- Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign - https://thehackernews.com/2023/06/rogue-android-apps-target-pakistani.html 

- Experts found components of a complex toolkit employed in macOS attacks - https://securityaffairs.com/147622/malware/macos-attacks-toolkit.html 

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- MOVEit Transfer and MOVEit Cloud Vulnerability - https://www.progress.com/security/moveit-transfer-and-moveit-cloud-vulnerability 

- Hijacking S3 Buckets: New Attack Technique Exploited in the Wild by Supply Chain Attackers  - https://checkmarx.com/blog/hijacking-s3-buckets-new-attack-technique-exploited-in-the-wild-by-supply-chain-attackers/

- Understanding Malware-as-a-Service - https://securelist.com/malware-as-a-service-market/109980/ 

- Mystic Stealer: The New Kid on the Block - https://www.zscaler.com/blogs/security-research/mystic-stealer

- Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks - https://msrc.microsoft.com/blog/2023/06/microsoft-response-to-layer-7-distributed-denial-of-service-ddos-attacks/ 

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Barracuda ESG Zero-Day Vulnerability (CVE-2023-2868) Exploited Globally by Aggressive and Skilled Actor, Suspected Links to China - https://www.mandiant.com/resources/blog/barracuda-esg-exploited-globally

- Warning: GravityRAT Android Trojan Steals WhatsApp Backups and Deletes Files - https://thehackernews.com/2023/06/warning-gravityrat-android-trojan.html

- HP WOLF SECURITY: Threat Insights Report - Q1 - 2023 - https://threatresearch.ext.hp.com/wp-content/uploads/2023/06/HP_Wolf_Security_Threat_Insights_Report_Q1_2023.pdf

- CVE-2023-20887: VMware Aria Operations for Networks Command Injection - https://www.tenable.com/blog/cve-2023-20887-vmware-aria-operations-for-networks-command-injection

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Cadet Blizzard emerges as a novel and distinct Russian threat actor - https://www.microsoft.com/en-us/security/blog/2023/06/14/cadet-blizzard-emerges-as-a-novel-and-distinct-russian-threat-actor/

- Understanding Ransomware Threat Actors: LockBit - https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-165a 

- Fake Security Researcher GitHub Repositories Deliver Malicious Implant - https://vulncheck.com/blog/fake-repos-deliver-malicious-implant 

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Microsoft June 2023 Patch Tuesday fixes 78 flaws, 38 RCE bugs - https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2023-patch-tuesday-fixes-78-flaws-38-rce-bugs/

- VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors - https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass

- VMSA-2023-0013 - VMware Tools update addresses Authentication Bypass vulnerability (CVE-2023-20867) - https://www.vmware.com/security/advisories/VMSA-2023-0013.html

- ".Zip" top-level domains draw potential for information leaks - https://blog.talosintelligence.com/zip-tld-information-leak/

- Unauthenticated IDOR to PII Disclosure in WooCommerce Stripe Gateway Plugin - https://patchstack.com/articles/unauthenticated-idor-to-pii-disclosure-vulnerability-in-woocommerce-stripe-gateway-plugin/

- Widespread Brand Impersonation Scam Campaign Targeting Hundreds of the Most Popular Apparel Brands - https://bolster.ai/blog/brand-impersonation-sca 

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Analysis of CVE-2023-27997 and Clarifications on Volt Typhoon Campaign - https://www.fortinet.com/blog/psirt-blogs/analysis-of-cve-2023-27997-and-clarifications-on-volt-typhoon-campaign

- Volt Typhoon targets US critical infrastructure with living-off-the-land techniques - https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/

- Sneaky DoubleFinger loads GreetingGhoul targeting your cryptocurrency - https://securelist.com/doublefinger-loader-delivering-greetingghoul-cryptocurrency-stealer/109982/

- Deep dive into the Pikabot cyber threat - https://news.sophos.com/en-us/2023/06/12/deep-dive-into-the-pikabot-cyber-threat/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Tweet de Charles Fol sobre a vulnerabilidade CVE-2023-27997 - https://twitter.com/cfreal_/status/1667852157536616451

- MOVEit Transfer Critical Vulnerability – CVE Pending Reserve Status (June 9, 2023) - https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-CVE-Pending-Reserve-Status-June-9-2023

- STEALTH SOLDIER BACKDOOR USED IN TARGETED ESPIONAGE ATTACKS IN NORTH AFRICA - https://research.checkpoint.com/2023/stealth-soldier-backdoor-used-in-targeted-espionage-attacks-in-north-africa/

- Detecting and mitigating a multi-stage AiTM phishing and BEC campaign - https://www.microsoft.com/en-us/security/blog/2023/06/08/detecting-and-mitigating-a-multi-stage-aitm-phishing-and-bec-campaign/

- Elastic charms SPECTRALVIPER - https://www.elastic.co/pt/security-labs/elastic-charms-spectralviper 

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto