[Referências do Episódio]

- Stable Channel Update for Desktop - https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_14.html

- Read The Manual Locker: A Private RaaS Provider - https://www.trellix.com/en-us/about/newsroom/stories/research/read-the-manual-locker-a-private-raas-provider.html

- Ex-Conti and FIN7 Actors Collaborate with New Domino Backdoor - https://securityintelligence.com/posts/ex-conti-fin7-actors-collaborate-new-domino-backdoor/

- LockBit ransomware encryptors found targeting Mac devices - https://www.bleepingcomputer.com/news/security/lockbit-ransomware-encryptors-found-targeting-mac-devices/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Espionage Campaign Linked to Russian Intelligence Services - https://www.gov.pl/web/baza-wiedzy/espionage-campaign-linked-to-russian-intelligence-services

- Vulnerabilidades do Jupiter Networks- https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-JSA-Series-Apache-Commons-Text-prior-to-1-10-0-allows-RCE-when-applied-to-untrusted-input-due-to-insecure-interpolation-defaults-CVE-2022-42889?language=en_US, https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Paragon-Active-Assurance-Enabling-the-timescaledb-enables-IP-forwarding-CVE-2023-28971?language=en_US e https://supportportal.juniper.net/s/article/2023-04-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-expat-resolved?language=en_US

-Legions AWS Credential Harvester and SMTP Hijacker - https://www.cadosecurity.com/legion-an-aws-credential-harvester-and-smtp-hijacker/

- Ataques DDoS no primeiro trimestre de 2023 - https://blog.cloudflare.com/ddos-threat-report-2023-q1/

[Ficha técnica]

Apresentação: Daniel Venzi

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Nokoyama Ransomware abusando de zero-day no Windows - https://securelist.com/nokoyawa-ransomware-attacks-with-windows-zero-day/109483/

- Nova vulnerabilidade no JavaScript VM2- https://github.com/patriksimek/vm2/security/advisories/GHSA-xj72-wvfv-8985, https://gist.github.com/leesh3288/f05730165799bf56d70391f3d9ea187c e https://www.npmjs.com/package/vm2

-Sites maliciosas disseminam mineradores através de falsas atualizações do Chrome - https://www.bleepingcomputer.com/news/security/hacked-sites-caught-spreading-malware-via-fake-chrome-updates/ e https://insight-jp.nttsecurity.com/post/102ic6o/webgoogle-chrome

- Guia para identificação do BlackLotus - https://www.microsoft.com/en-us/security/blog/2023/04/11/guidance-for-investigating-attacks-using-cve-2022-21894-the-blacklotus-campaign/

[Ficha técnica]

Apresentação: Daniel Venzi

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- CVE-2023-28252 - 

  Windows Common Log File System Driver Elevation of Privilege Vulnerability - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28252

- CVE-2023-28285 - 

  Microsoft Office Remote Code Execution Vulnerability - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28285

- CVE-2023-28295 - 

  Microsoft Publisher Remote Code Execution Vulnerability - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28295

- CVE-2023-28287 - 

  Microsoft Publisher Remote Code Execution Vulnerability - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28287

- CVE-2023-28311 - 

  Microsoft Word Remote Code Execution Vulnerability - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28311

- SAP Security Patch Day - April 2023 - https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

- Schneider Electric - Cybersecurity Support Portal - https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp

- Siemens Security Advisories - https://new.siemens.com/global/en/products/services/cert.html#SecurityPublications

- Malware Disguised as Document from Ukraine's Energoatom Delivers Havoc Demon Backdoor - https://www.fortinet.com/blog/threat-research/malware-disguised-as-document-ukraine-energoatom-delivers-havoc-demon-backdoor

- Sweet QuaDreams: A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers - https://citizenlab.ca/2023/04/spyware-vendor-quadream-exploits-victims-customers/

- Exchange Server 2013 - https://learn.microsoft.com/en-us/lifecycle/products/exchange-server-2013urity Patch Day–April2023

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Analyzing Impala Stealer – Payload of the first NuGet attack campaign - https://jfrog.com/blog/impala-stealer-malicious-nuget-package-payload/

- ARES Leaks – Emerging Cyber Crime Cartel - https://www.cyfirma.com/outofband/ares-leaks-emerging-cyber-crime-cartel/

- MERCURY and DEV-1084: Destructive attack on hybrid environment - https://www.microsoft.com/en-us/security/blog/2023/04/07/mercury-and-dev-1084-destructive-attack-on-hybrid-environment/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Exploit available for critical bug in VM2 JavaScript sandbox library - https://www.bleepingcomputer.com/news/security/exploit-available-for-critical-bug-in-vm2-javascript-sandbox-library/

- About the security content of iOS 16.4.1 and iPadOS 16.4.1 - https://support.apple.com/en-il/HT213720

- Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign - https://blog.sucuri.net/2023/04/balada-injector-synopsis-of-a-massive-ongoing-wordpress-malware-campaign.html#database-credential-theft

- CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog - https://securityaffairs.com/144561/security/veritas-backup-exec-known-exploited-vulnerabilities-catalog.html

- Stopping cybercriminals from abusing security tools - https://www.microsoft.com/en-us/security/business/security-insider/threat-briefs/stopping-cybercriminals-from-abusing-security-tools/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- CryptoClippy Speaks Portuguese - https://unit42.paloaltonetworks.com/crypto-clipper-targets-portuguese-speakers/

- Typhon Reborn Stealer Malware Resurfaces with Advanced Evasion Techniques - https://thehackernews.com/2023/04/typhon-reborn-stealer-malware.html

- How we’re protecting users from government-backed attacks from North Korea - https://blog.google/threat-analysis-group/how-were-protecting-users-from-government-backed-attacks-from-north-korea/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- RORSCHACH – A NEW SOPHISTICATED AND FAST RANSOMWARE - https://research.checkpoint.com/2023/rorschach-a-new-sophisticated-and-fast-ransomware/

- Genesis Market, one of world’s largest platforms for cyber fraud, seized by police - https://therecord.media/genesis-market-takedown-cybercrime

- Mantis: New Tooling Used in Attacks Against Palestinian Targets - https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/mantis-palestinian-attacks

- Rilide: A New Malicious Browser Extension for Stealing Cryptocurrencies - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/rilide-a-new-malicious-browser-extension-for-stealing-cryptocurrencies/

- ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access - https://www.mandiant.com/resources/blog/alphv-ransomware-backup

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack - https://securelist.com/gopuram-backdoor-deployed-through-3cx-supply-chain-attack/109344/

- How Falcon OverWatch Investigates Malicious Self-Extracting Archives, Decoy Files and Their Hidden Payloads - https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/

- New Money Message ransomware demands million dollar ransoms - https://www.bleepingcomputer.com/news/security/new-money-message-ransomware-demands-million-dollar-ransoms/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Microsoft OneNote will block 120 dangerous file extensions - https://www.bleepingcomputer.com/news/security/microsoft-onenote-will-block-120-dangerous-file-extensions/

- ‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics - https://www.theguardian.com/technology/2023/mar/30/vulkan-files-leak-reveals-putins-global-and-domestic-cyberwarfare-tactics

- Super FabriXss: From XSS to an RCE in Azure Service Fabric Explorer by Abusing an Event Tab Cluster Toggle (CVE-2023-23383) - https://orca.security/resources/blog/super-fabrixss-azure-vulnerability/

- Exploitation is a Dish Best Served Cold: Winter Vivern Uses Known Zimbra Vulnerability to Target Webmail Portals of NATO-Aligned Governments in Europe - https://www.proofpoint.com/us/blog/threat-insight/exploitation-dish-best-served-cold-winter-vivern-uses-known-zimbra-vulnerability

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto