[Referências do Episódio]

- 3CX DesktopApp Security Alert - https://www.3cx.com/blog/news/desktopapp-security-alert/

- 3CX DesktopApp Security Alert - Mandiant Appointed to Investigate - https://www.3cx.com/blog/news/desktopapp-security-alert-updates/

- 3CX Supply Chain Compromise Leads to ICONIC Incident - https://www.volexity.com/blog/2023/03/30/3cx-supply-chain-compromise-leads-to-iconic-incident/

- Ironing out (the macOS details) of a Smooth Operator - https://objective-see.org/blog/blog_0x73.html

- Dissecting AlienFox | The Cloud Spammer’s Swiss Army Knife - https://www.sentinelone.com/labs/dissecting-alienfox-the-cloud-spammers-swiss-army-knife/

- CISA Adds Ten Known Exploited Vulnerabilities to Catalog - https://www.cisa.gov/news-events/alerts/2023/03/30/cisa-adds-ten-known-exploited-vulnerabilities-catalog

- With KEYPLUG, China’s RedGolf Spies On, Steals From Wide Field of Targets - https://go.recordedfuture.com/hubfs/reports/cta-2023-0330.pdf

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- 2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers - https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/

- Mélofée: a new alien malware in the Panda's toolset targeting Linux hosts - https://blog.exatrack.com/melofee/

- Copy-paste heist or clipboard-injector attacks on cryptousers - https://securelist.com/copy-paste-heist-clipboard-injector-targeting-cryptowallets/109186/

- Spyware vendors use 0-days and n-days against popular platforms - https://blog.google/threat-analysis-group/spyware-vendors-use-0-days-and-n-days-against-popular-platforms/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations - https://mandiant.widen.net/s/zvmfw5fnjs/apt43-report

- DBatLoader: Actively Distributing Malwares Targeting European Businesses - https://www.zscaler.com/blogs/security-research/dbatloader-actively-distributing-malwares-targeting-european-businesses

- RHADAMANTHYS: THE “EVERYTHING BAGEL” INFOSTEALER - https://research.checkpoint.com/2023/rhadamanthys-the-everything-bagel-infostealer/

- WiFi protocol flaw allows attackers to hijack network traffic - https://www.bleepingcomputer.com/news/security/wifi-protocol-flaw-allows-attackers-to-hijack-network-traffic/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Fork in the Ice: The New Era of IcedID - https://www.proofpoint.com/us/blog/threat-insight/fork-ice-new-era-icedid

- Twitter Says Parts of Its Source Code Were Leaked Online - https://www.nytimes.com/2023/03/26/technology/twitter-source-code-leak.html

- Twitter takes down source code leaked online, hunts for downloaders - https://www.bleepingcomputer.com/news/security/twitter-takes-down-source-code-leaked-online-hunts-for-downloaders/

- Executive Order on Prohibition on Use by the United States Government of Commercial Spyware that Poses Risks to National Security - https://www.whitehouse.gov/briefing-room/presidential-actions/2023/03/27/executive-order-on-prohibition-on-use-by-the-united-states-government-of-commercial-spyware-that-poses-risks-to-national-security/

- Android app from China executed 0-day exploit on millions of devices - https://arstechnica.com/information-technology/2023/03/android-app-from-china-executed-0-day-exploit-on-millions-of-devices/

- Tweet da Lookout confirmando repostagem da ArsTechinica - https://twitter.com/Lookout/status/1640406587205468180?s=20

- 「 深蓝洞察 」2022 年度最“不可赦”漏洞 - https://mp-weixin-qq-com.translate.goog/s/P_EYQxOEupqdU0BJMRqWsw?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US

- Google flags apps made by popular Chinese e-commerce giant as malware - https://techcrunch.com/2023/03/20/google-flags-apps-made-by-popular-chinese-e-commerce-giant-as-malware/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Guidance for investigating attacks using CVE-2023-23397 - https://www.microsoft.com/en-us/security/blog/2023/03/24/guidance-for-investigating-attacks-using-cve-2023-23397/

- CVE-2023-23397 - Microsoft Outlook Elevation of Privilege Vulnerability - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397

- We updated our RSA SSH host key - https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/

- CVE-2023-28303 - Windows Snipping Tool Information Disclosure Vulnerability - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28303

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Exploit released for Veeam bug allowing cleartext credential theft - https://www.bleepingcomputer.com/news/security/exploit-released-for-veeam-bug-allowing-cleartext-credential-theft/

- Nexus: a new Android botnet? - https://www.cleafy.com/cleafy-labs/nexus-a-new-android-botnet

- Operation Tainted Love | Chinese APTs Target Telcos in New Attacks - https://www.sentinelone.com/labs/operation-tainted-love-chinese-apts-target-telcos-in-new-attacks/

- How Okta Passwords Can Be Compromised: Uncovering a Risk to User Data - https://www.mitiga.io/blog/how-okta-passwords-can-be-compromised-uncovering-a-risk-to-user-data

- UNC961 in the Multiverse of Mandiant: Three Encounters with a Financially Motivated Threat Actor - https://www.mandiant.com/resources/blog/unc961-multiverse-financially-motivated

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Beloved hacking veteran Kelly ‘Aloria’ Lum passes away at 41 - https://techcrunch.com/2023/03/22/kelly-aloria-lum-passes-away-at-41-obituary

- “FakeGPT” #2: Open-Source Turned Malicious in Another Variant of the Facebook Account-Stealer Chrome Extension - https://labs.guard.io/fakegpt-2-open-source-turned-malicious-in-another-variant-of-the-facebook-account-stealer-d00ef9883d61

- Joint Cyber Security Advisory (Korean) - https://www.verfassungsschutz.de/SharedDocs/publikationen/EN/prevention/2023-03-20-joint-cyber-security-advisory-korean.html

- We (Did!) Start the Fire: Hacktivists Increasingly Claim Targeting of OT Systems - https://www.mandiant.com/resources/blog/hacktivists-targeting-ot-systems

- Researchers Spot Silicon-Level Hardware Trojans in Chips, Release Their Algorithm for All to Try - https://www.hackster.io/news/researchers-spot-silicon-level-hardware-trojans-in-chips-release-their-algorithm-for-all-to-try-ba00bbd56248

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Bad magic: new APT found in the area of Russo-Ukrainian conflict - https://securelist.com/bad-magic-apt/109087/

- Journalist opens USB letter bomb in newsroom. - https://www.bbc.com/news/world-latin-america-65026522

- After BreachForums arrest, new site administrator says the platform will live on - https://therecord.media/breachforums-arrest-new-administrator

- CISA Releases Eight Industrial Control Systems Advisories - https://www.cisa.gov/news-events/alerts/2023/03/21/cisa-releases-eight-industrial-control-systems-advisories

- New NAPLISTENER Malware Used by REF2924 Group to Evade Network Detection - https://www.elastic.co/pt/security-labs/naplistener-more-bad-dreams-from-the-developers-of-siestagraph

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Tempest Security Warning - https://www.tempest.com.br/gerenciamento/security-monitoring/security-warning/

- Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace - https://www.mandiant.com/resources/blog/zero-days-exploited-2022

- Inside Mispadu massive infection campaign in LATAM - https://www.metabaseq.com/mispadu-banking-trojan/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Dark Web ‘BreachForums’ Operator Charged With Computer Crime - https://news.bloomberglaw.com/privacy-and-data-security/dark-web-breachforums-operator-charged-with-computer-crime

- United States v. Fitzpatrick - https://www.courtlistener.com/docket/67027377/1/united-states-v-fitzpatrick/

- Кіберполіція викрила жителя Хмельниччини у створенні «вірусу» для викрадення даних користувачів - https://cyberpolice.gov.ua/news/kiberpolicziya-vykryla-zhytelya-xmelnychchyny-u-stvorenni-virusu-dlya-vykradennya-danyx-korystuvachiv-7546/

- Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation - https://www.mandiant.com/resources/blog/fortinet-malware-ecosystem

- Uncovering HinataBot: A Deep Dive into a Go-Based Threat - https://www.akamai.com/blog/security-research/hinatabot-uncovering-new-golang-ddos-botnet

- Emotet malware now distributed in Microsoft OneNote files to evade defenses - https://www.bleepingcomputer.com/news/security/emotet-malware-now-distributed-in-microsoft-onenote-files-to-evade-defenses/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto