[Referências do Episódio]

- DDoS attacks in Q3 2022 - https://securelist.com/ddos-report-q3-2022/107860/

- U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud - https://www.justice.gov/usao-sdny/pr/us-attorney-announces-historic-336-billion-cryptocurrency-seizure-and-conviction

- Presos suspeitos de DDoS contra provedores de acesso - https://www.cisoadvisor.com.br/presos-suspeitos-de-ddos-contra-provedores-de-acesso/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Nation-state cyberattacks become more brazen as authoritarian leaders ramp up aggression - https://blogs.microsoft.com/on-the-issues/2022/11/04/microsoft-digital-defense-report-2022-ukraine/

- A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain - https://googleprojectzero.blogspot.com/2022/11/a-very-powerful-clipboard-samsung-in-the-wild-exploit-chain.html

- As Twitter brings on $8 fee, phishing emails target verified accounts - https://www.bleepingcomputer.com/news/security/as-twitter-brings-on-8-fee-phishing-emails-target-verified-accounts/

- How Qatar hacked the World Cup - https://www.thebureauinvestigates.com/stories/2022-11-05/how-qatar-hacked-the-world-cup

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

Black Basta Ransomware Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor -  https://www.sentinelone.com/labs/black-basta-ransomware-attacks-deploy-custom-edr-evasion-tools-tied-to-fin7-threat-actor/

Emotet Botnet Starts Blasting Malware Again After 5 Months Break - https://www.bleepingcomputer.com/news/security/emotet-botnet-starts-blasting-malware-again-after-5-month-break/

Publicações Twitter ProofPoint -  https://twitter.com/threatinsight/status/1587865920130752515

ROMCOM Spoofing Solarwinds Keepas -  https://blogs.blackberry.com/en/2022/11/romcom-spoofing-solarwinds-keepass

Not Dream Job: Hunting For Malicious Job - https://blog.virustotal.com/2022/11/not-dream-job-hunting-for-malicious-job.htmlt

[Ficha técnica]

Apresentação:Daniel Venzi

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows - https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/

- CosMiss: Azure Cosmos DB Notebook Remote Code Execution Vulnerability - https://orca.security/resources/blog/cosmiss-vulnerability-azure-cosmos-db/

- Amadey Bot을 이용한 LockBit 3.0 랜섬웨어 유포 중 - https://asec.ahnlab.com/ko/41042/

- New SandStrike spyware infects Android devices via malicious VPN app - https://www.bleepingcomputer.com/news/security/new-sandstrike-spyware-infects-android-devices-via-malicious-vpn-app/

- I’m deeply saddened by the absurd death of Vitali Kremez, he died during a scuba diving off the coast of Hollywood Beach in Florida - https://securityaffairs.co/wordpress/138012/breaking-news/vitali-kremez-died.html

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Follina Exploit Leads to Domain Compromise - https://thedfirreport.com/2022/10/31/follina-exploit-leads-to-domain-compromise/

- Critical Vulnerability Disclosure: ConnectWise/R1Soft Server Backup Manager Remote Code Execution & Supply Chain Risks - https://www.huntress.com/blog/critical-vulnerability-disclosure-connectwise/r1soft-server-backup-manager-remote-code-execution-supply-chain-risks

- Free Micropatches For Bypassing MotW Security Warning with Invalid Signature (0day) - https://blog.0patch.com/2022/10/free-micropatches-for-bypassing-motw.html

- MAIL ON SUNDAY EXCLUSIVE: Liz Truss's personal phone that was hacked by Kremlin agents was so compromised it was locked away in a 'secure location' as experts fear top secret negotiations and private messages may have been leaked - https://www.dailymail.co.uk/news/article-11368619/Liz-Trusss-personal-phone-hacked-Putins-spies-secret-details-negotiations.html

- Forthcoming OpenSSL Releases - https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Cranefly: Threat Actor Uses Previously Unseen Techniques and Tools in Stealthy Campaign - https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cranefly-new-tools-technique-geppei-danfuan

- Exploit released for critical VMware RCE vulnerability, patch now - https://www.bleepingcomputer.com/news/security/exploit-released-for-critical-vmware-rce-vulnerability-patch-now/

- Malware wars: the attack of the droppers - https://www.threatfabric.com/blogs/the-attack-of-the-droppers

- PSIRT Advisories: FG-IR-22-059: Vulnerability in OpenSSL library - https://fortiguard.fortinet.com/psirt/FG-IR-22-059

- Juniper SSLVPN / JunOS RCE and Multiple Vulnerabilities - https://octagon.net/blog/2022/10/28/juniper-sslvpn-junos-rce-and-multiple-vulnerabilities/

- APT10: Tracking down LODEINFO 2022, part I - https://securelist.com/apt10-tracking-down-lodeinfo-2022-part-i/107742/

- APT10: Tracking down LODEINFO 2022, part II - https://securelist.com/apt10-tracking-down-lodeinfo-2022-part-ii/107745/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Drinik Malware Returns With Advanced Capabilities Targeting Indian Taxpayers - https://blog.cyble.com/2022/10/27/drinik-malware-returns-with-advanced-capabilities-targeting-indian-taxpayers/

- Fodcha DDoS botnet reaches 1Tbps in power, injects ransoms in packets - https://www.bleepingcomputer.com/news/security/fodcha-ddos-botnet-reaches-1tbps-in-power-injects-ransoms-in-packets/

- Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity - https://www.microsoft.com/en-us/security/blog/2022/10/27/raspberry-robin-worm-part-of-larger-ecosystem-facilitating-pre-ransomware-activity/

- SiriSpy - iOS bug allowed apps to eavesdrop on your conversations with Siri - https://rambo.codes/posts/2022-10-25-sirispy-ios-bug-allowed-apps-to-eavesdrop

- Stable Channel Update for Desktop - https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_27.html

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

Prisão suspeito Raccoon Stealer -  https://www.justice.gov/usao-wdtx/pr/newly-unsealed-indictment-charges-ukrainian-national-international-cybercrime-operation E https://raccoon.ic3.gov/home

PRC Dragonbridge Influence Elections - https://www.mandiant.com/resources/blog/prc-dragonbridge-influence-elections

Threat Actor Target AWS EC2 Workloads to Steal Credentials-  https://www.trendmicro.com/en_us/research/22/j/threat-actors-target-aws-ec2-workloads-to-steal-credentials.html

Vice Society Opportunistic Ransomware Campaigns Impacting US Education Sector-  https://www.microsoft.com/en-us/security/blog/2022/10/25/dev-0832-vice-society-opportunistic-ransomware-campaigns-impacting-us-education-sector/

Vulnerabilidades Cisco - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-F26WwJW E https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-win-path-traverse-qO4HWBsj

[Ficha técnica]

Apresentação: Daniel Venzi

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- TEMPEST TALKS - https://www.tempest.com.br/tempest_talk/tempest-talks-2022/

- Forthcoming OpenSSL Releases - https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html

- VMware advisories - VMSA-2022-0027 - https://www.vmware.com/security/advisories/VMSA-2022-0027.html

- Sysdig TRT uncovers massive cryptomining operation leveraging GitHub Actions - https://sysdig.com/blog/massive-cryptomining-operation-github-actions/

- Microsoft SharePoint Server Post-Authentication Server-Side Request Forgery vulnerability - https://starlabs.sg/blog/2022/10-sharepoint-post-authenticated-ssrf-vulnerability/

- Stranger Strings: An exploitable flaw in SQLite - https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto

[Referências do Episódio]

- Unveil the evolution of Kimsuky targeting Android devices with newly discovered mobile malware - https://medium.com/s2wblog/unveil-the-evolution-of-kimsuky-targeting-android-devices-with-newly-discovered-mobile-malware-280dae5a650f

- Iran says ‘specific foreign country’ behind hacktivist leak of atomic energy emails - https://therecord.media/iran-says-specific-foreign-country-behind-hacktivist-leak-of-atomic-energy-emails/

- Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries - https://blogs.blackberry.com/en/2022/10/unattributed-romcom-threat-actor-spoofing-popular-apps-now-hits-ukrainian-militaries

- About the security content of iOS 16.1 and iPadOS 16 - https://support.apple.com/en-us/HT213489

- Chapter 1 — From Gozi to ISFB: The history of a mythical malware family. - https://medium.com/csis-techblog/chapter-1-from-gozi-to-isfb-the-history-of-a-mythical-malware-family-82e592577fef

[Ficha técnica]

Apresentação: Carlos Cabral

Roteiro: Carlos Cabral e Daniel Venzi

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Projeto gráfico: Julian Prieto