[Referências do Episódio]

Compromised PyTorch-nightly dependency chain between December 25th and December 30th, 2022. - https://pytorch.org/blog/compromised-nightly-dependency/#how-to-check-if-your-python-environment-is-affected

RedZei - Chinese-speaking scammers targeting Chinese students in the UK - https://blog.bushidotoken.net/2022/12/redzei-chinese-speaking-scammers.html

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

-FIN7 Unveiled: A deep dive into notorious cybercrime gang - https://www.prodaft.com/m/reports/FIN7_TLPCLEAR.pdf

-FIN7 Cybercrime Syndicate Emerges as Major Player in Ransomware Landscape - https://thehackernews.com/2022/12/fin7-cybercrime-syndicate-emerges-as.html

-Nitol DDoS Malware Installing Amadey Bot - https://asec.ahnlab.com/en/44504/

-Vidar Stealer Exploiting Various Platforms - https://asec.ahnlab.com/en/44554/

-Custom-Branded Ransomware: The Vice Society Group and the Threat of Outsourced Development - https://www.sentinelone.com/labs/custom-branded-ransomware-the-vice-society-group-and-the-threat-of-outsourced-development/

-Linux Kernel ksmbd Use-After-Free Remote Code Execution Vulnerability - https://www.zerodayinitiative.com/advisories/ZDI-22-1690/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

-Godfather:A banking Trojan that is impossible to refuse - https://blog.group-ib.com/godfather-trojan

-Okta's source code stolen after GitHub repositories hacked - https://www.bleepingcomputer.com/news/security/oktas-source-code-stolen-after-github-repositories-hacked/

-I-122122-PSA - Cyber Criminals Impersonating Brands Using Search Engine Advertisement Services to Defraud Users - https://www.ic3.gov/Media/Y2022/PSA221221

-Microsoft research uncovers new Zerobot capabilities - https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/

-Inside the IcedID BackConnect Protocol - https://www.team-cymru.com/post/inside-the-icedid-backconnect-protocol

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

-Nova campanha do Chaes usa o Windows Management Instrumentation Command-Line Utility - https://sidechannel.blog/nova-campanha-do-chaes/

-Russia’s Trident Ursa (aka Gamaredon APT) Cyber Conflict Operations Unwavering Since Invasion of Ukraine - https://unit42.paloaltonetworks.com/trident-ursa/

-OWASSRF: CrowdStrike Identifies New Exploit Method for Exchange Bypassing ProxyNotShell Mitigations - https://www.crowdstrike.com/blog/owassrf-exploit-analysis-and-recommendations/

-Raspberry Robin Malware Targets Telecom, Governments - https://www.trendmicro.com/en_us/research/22/l/raspberry-robin-malware-targets-telecom-governments.html

[Ficha técnica]

Roteiro e apresentação: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

-Microsoft finds macOS bug that lets malware bypass security checks - https://www.bleepingcomputer.com/news/security/microsoft-finds-macos-bug-that-lets-malware-bypass-security-checks/

-MeshyJSON: A TP-Link tdpServer JSON Stack Overflow - https://research.nccgroup.com/2022/12/19/meshyjson-a-tp-link-tdpserver-json-stack-overflow/#json-array-stack-overflow

-You might receive an error (0xc000021a) with a blue screen - https://learn.microsoft.com/en-us/windows/release-health/status-windows-10-22h2#2986msgdesc

-SentinelSneak: Malicious PyPI module poses as security software development kit - https://blog.reversinglabs.com/blog/sentinelsneak-malicious-pypi-module-poses-as-security-sdk

-OPWNAI: AI THAT CAN SAVE THE DAY OR HACK IT AWAY - https://research.checkpoint.com/2022/opwnai-ai-that-can-save-the-day-or-hack-it-away/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

-Samba Issues Security Updates to Patch Multiple High-Severity Vulnerabilities - https://thehackernews.com/2022/12/samba-issues-security-updates-to-patch.html

-PF suspeita de acesso a sistema sigiloso do Judiciário por grupo hacker no Brasil - https://www1.folha.uol.com.br/cotidiano/2022/12/pf-suspeita-de-acesso-a-sistema-sigiloso-do-judiciario-por-grupo-hacker-no-brasil.shtml

-Client-side encryption for Gmail available in beta - https://workspaceupdates.googleblog.com/2022/12/client-side-encryption-for-gmail-beta.html

-Agenda Ransomware Uses Rust to Target More Vital Industries - https://www.trendmicro.com/en_us/research/22/l/agenda-ransomware-uses-rust-to-target-more-vital-industries.html

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Trojanized Windows Installers - https://www.mandiant.com/resources/blog/trojanized-windows-installers-ukrainian-government

- Brasdex a new Brazillian ATS Malware - https://www.threatfabric.com/blogs/brasdex-a-new-brazilian-ats-malware.htm

- HTML Smugglers turn to SVG images - https://blog.talosintelligence.com/html-smugglers-turn-to-svg-images/

- Operação polícial - https://afnoticias.com.br/estado/mais-de-10-hackers-que-aplicavam-golpes-no-tocantins-sao-denunciados-pelo-ministerio-publico

[Ficha técnica]

Apresentação: Daniel Venzi

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Vulnerabilidades da VMware - https://www.vmware.com/security/advisories/VMSA-2022-0033.html E https://www.vmware.com/security/advisories/VMSA-2022-0031.html

- Unmasking Mirroface Operation LiberalFace Targeting Japanese Political Entities - https://www.welivesecurity.com/2022/12/14/unmasking-mirrorface-operation-liberalface-targeting-japanese-political-entities/

- GoTrim Botnet - https://www.fortinet.com/blog/threat-research/gotrim-go-based-botnet-actively-brute-forces-wordpress-websites

- Correções SIEMENS - https://cert-portal.siemens.com/productcert/html/ssa-412672.html

[Ficha técnica]

Apresentação: Daniel Venzi

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

-Critical security update now available for Citrix ADC, Citrix Gateway - https://www.citrix.com/blogs/2022/12/13/critical-security-update-now-available-for-citrix-adc-citrix-gateway/

-APT5: Citrix ADC Threat Hunting Guidance - https://media.defense.gov/2022/Dec/13/2003131586/-1/-1/0/CSA-APT5-CITRIXADC-V1.PDF

-Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27518 - https://support.citrix.com/article/CTX474995/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227518

-AWS ECR Public Vulnerability - https://blog.lightspin.io/aws-ecr-public-vulnerability

-Reported ECR Public Gallery Issue - https://aws.amazon.com/pt/security/security-bulletins/AWS-2022-010/

-Security Flaw in Atlassian Products (Jira, Confluence,Trello, BitBucket) Affecting Multiple Companies - https://cloudsek.com/security-flaw-in-atlassian-products-jira-confluencetrello-bitbucket-affecting-multiple-companies/

-Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism - https://securityintelligence.com/posts/critical-remote-code-execution-vulnerability-spnego-extended-negotiation-security-mechanism/

-I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation Signed Malware - https://www.mandiant.com/resources/blog/hunting-attestation-signed-malware

-Driving Through Defenses | Targeted Attacks Leverage Signed Malicious Microsoft Drivers - https://www.sentinelone.com/labs/driving-through-defenses-targeted-attacks-leverage-signed-malicious-microsoft-drivers/

-December 2022 Security Updates - https://msrc.microsoft.com/update-guide/releaseNote/2022-Dec

-Apple security update fixes new iOS zero-day used to hack iPhones - https://www.bleepingcomputer.com/news/apple/apple-security-update-fixes-new-ios-zero-day-used-to-hack-iphones/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

-FortiOS - heap-based buffer overflow in sslvpnd - https://www.fortiguard.com/psirt/FG-IR-22-398

-Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT - https://www.trendmicro.com/en_us/research/22/l/linux-cryptomining-enhanced-via-chaos-rat-.html

-Xnspy stalkerware spied on thousands of iPhones and Android devices - https://techcrunch.com/2022/12/12/xnspy-stalkerware-iphone-android/

-Pulling the Curtains on Azov Ransomware: Not a Skidsware but Polymorphic Wiper - https://research.checkpoint.com/2022/pulling-the-curtains-on-azov-ransomware-not-a-skidsware-but-polymorphic-wiper/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto