Episode references:
- Alert Number: I-051525-PSA - May 15, 2025 - Senior US Officials Impersonated in Malicious Messaging Campaign
- Operation RoundPress
- Sophisticated NPM Attack Leveraging Unicode Steganography and Google Calendar C2
- Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428)
- Fileless Execution: PowerShell Based Shellcode Loader Executes Remcos RAT
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- DarkCloud Stealer: Comprehensive Analysis of a New Attack Chain That Employs AutoIt
- Stable Channel Update for Desktop
- Excel(ent) Obfuscation: Regex Gone Rogue
- ReliaQuest Uncovers New Critical Vulnerability in SAP NetWeaver
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws
- Stack-based buffer overflow vulnerability in API
- Security Advisory Ivanti Neurons for ITSM (On-Premises Only) (CVE-2025-22462)
- Security Advisory Ivanti Endpoint Manager Mobile (EPMM) May 2025 (CVE-2025-4427 and CVE-2025-4428)
- SAP Security Patch Day - May 2025
- /bin/live: Gabriela Salles
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Earth Ammit Disrupts Drone Supply Chains Through Coordinated Multi-Wave Attacks in Taiwan
- Marbled Dust leverages zero-day in Output Messenger for regional espionage
- Researchers found one-click RCE in ASUS's pre-installed software DriverHub
- Modern Incident Response: Tackling Malicious ML Artifacts
- /bin/live - Mente Binária show taking place today at 8 p.m.
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources
- Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages
- Classic Rock: Hunting a Botnet that preys on the Old
- Lumma Stealer, coming and going
- Video I made about ClickFix
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Spam campaign targeting Brazil abuses Remote Monitoring and Management tools
- Rise in the use of remote monitoring and management software in malicious campaigns
- SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root
- Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)
- The LockBit ransomware site was breached, database dump was leaked online
- Threat Analysis: SAP Vulnerability Exploited in the Wild by Chinese Threat Actor
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- CVE-2025-20188 - Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability
- Ransomware Attackers Leveraged Privilege Escalation Zero-day
- Agenda Ransomware Group Adds SmokeLoader and NETXLOADER to Their Arsenal
- COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs
- Video I made about ClickFix
- Inferno Drainer Reloaded: Deep Dive into the Return of the Most Sophisticated Crypto Drainer
- New Finance Scam Discovered Abusing Niche X/Twitter Advertising Loophole
- New DOGE Big Balls Ransomware Tools in the Wild
- Iranian Cyber Actors Impersonate Model Agency in Suspected Espionage Operation
- SysOwned, Your Friendly Support Ticket - SysAid On-Premise Pre-Auth RCE Chain (CVE-2025-2775 And Friends)
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Samsung MagicINFO 9 Server RCE flaw now exploited in attacks
- Samsung SVP-AUG-2024
- Canary Exploit tool for CVE-2025-30065 Apache Parquet Avro Vulnerability
- Smishing on a Massive Scale: "Panda Shop" Chinese Carding Syndicate
- Lights Out and Stalled Factories: Using MATRIX to Learn About Modbus Vulnerabilities
- Bit ByBit - emulation of the DPRK's largest cryptocurrency heist
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Bring Your Own Installer: Bypassing SentinelOne Through Agent Version Change Interruption
- Android Security Bulletin: May 2025
- Google addresses 1 actively exploited vulnerability in May's Android security update
- CVE-2025-27363
- Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- SOC Tempest with Google SecOps
- I StealC You: Tracking the Rapid Changes To StealC
- wget to Wipeout: Malicious Go Modules Fetch Destructive Payload
- Backdoor found in popular ecommerce components
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- SonicWall SSL-VPN SMA100 Version 10.x Is Affected By Multiple Vulnerabilities
- SonicWall SMA100 SSL-VPN Affected By Multiple Vulnerabilities
- SonicBoom, From Stolen Tokens to Remote Shells - SonicWall SMA (CVE-2023-44221, CVE-2024-38475)
- TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered
- Earth Kasha Updates TTPs in Latest Campaign Targeting Taiwan and Japan
- FortiGuard Incident Response Team Detects Intrusion into Middle East Critical National Infrastructure
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis
- Outlaw cybergang attacking targets worldwide
- Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting
- Video I made about ClickFix
- Wormable Zero-Click Remote Code Execution (RCE) in AirPlay Protocol Puts Apple & IoT Devices at Risk
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- How the April 28, 2025, power outage in Portugal and Spain impacted Internet traffic and connectivity
- Dashboard of servers vulnerable to CVE-2025-31324
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- CVE-2025-31324: Zero-Day Vulnerability in SAP NetWeaver Exploited in the Wild
- ReliaQuest Uncovers New Critical Vulnerability in SAP NetWeaver
- Triada strikes back
- Ill intent: How deepfake “doctors” peddle bogus cures on TikTok
- Various GPT services are vulnerable to "Inception" jailbreak, allows for bypass of safety guardrails
- Craft CMS RCE exploit chain used in zero-day attacks to steal data.
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
- Weaponized Words: Uyghur Language Software Hijacked to Deliver Malware
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors
- io_uring Is Back, This Time as a Rootkit
- Fire In The Hole, We're Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028)
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- M-Trends 2025: Data, Insights, and Recommendations From the Frontlines
- 2025 Data Breach Investigations Report
- Distribution of PebbleDash Malware in March 2025
- Operation SyncHole: Lazarus APT goes back to the well
- Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations
- LACNIC 43
- BsidesSP
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Ripple's xrpl.js npm Package Backdoored to Steal Private Keys
- XRP supply chain attack: Official NPM package infected with crypto stealing backdoor
- NFC Fraud Wave: Evolution of Ghost Tap on the Dark Web
- Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
- Cookie-Bite: How Your Digital Crumbs Let Threat Actors Bypass MFA and Maintain Access to Cloud Environments
- ConfusedComposer: A Privilege Escalation Vulnerability Impacting GCP Composer
- Infostealer Malware FormBook Spread via Phishing Campaign – Part I
- Russian organizations targeted by backdoor masquerading as secure networking software updates
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- SOC Tempest with Google SecOps
- CVE-2025-32433: Erlang/OTP SSH Unauthenticated Remote Code Execution Vulnerability
- Billbug: Intrusion Campaign Against Southeast Asia Continues
- Detecting Multi-Stage Infection Chains Madness
- SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation
- Phishing attacks leveraging HTML code inside SVG files
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- CVE-2025-24054, NTLM exploit in the wild
- About Apple Security Updates
- CISA adds One Known Exploited Vulnerability to Catalog
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Renewed APT29 Phishing Campaign Against European Diplomats
- UNC5174's evolution in China's ongoing cyber warfare: From SNOWLIGHT to VShell
- CrazyHunter Campaign Targets Taiwanese Critical Sectors
- Threat actors misuse Node.js to deliver malware and other malicious payloads
- The CVE program for tracking security flaws is about to lose federal funding
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- BPFDoor's Hidden Controller Used Against Asia, Middle East Targets
- Cyber Threats 2021: A Year in Retrospect
- Red Menshen (a.k.a. Earth Bluecrow)
- CVE-2025-30406 - Critical Gladinet CentreStack & Triofox Vulnerability Exploited In The Wild
- Waiting Thread Hijacking: A Stealthier Version of Thread Execution Hijacking
- New Malware Variant Identified: ResolverRAT Enters the Maze
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks
- Slow Pisces Targets Developers With Coding Challenges and Introduces New Customized Python Malware
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Unraveling the U.S. toll road smishing scams
- Smishing Triad: Chinese eCrime Group Targets 121+ Countries, Intros New Banking Phishing Kit
- Shuckworm Targets Foreign Military Mission Based in Ukraine
- Analysis of Threat Actor Activity
- CVE-2022-42475 - Heap-based buffer overflow in sslvpnd
- CVE-2023-27997 - Heap buffer overflow in sslvpn pre-authentication
- CVE-2024-21762 - Out-of-bound Write in sslvpnd
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale - https://www.sentinelone.com/labs/akirabot-ai-powered-bot-bypasses-captchas-spams-websites-at-scale/
- Operation Endgame follow-up leads to five detentions and interrogations as well as server takedowns - https://www.europol.europa.eu/media-press/newsroom/news/operation-endgame-follow-leads-to-five-detentions-and-interrogations-well-server-takedowns
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- April 2025 Security Updates - https://msrc.microsoft.com/update-guide/releaseNote/2025-Apr
- Microsoft's April 2025 Patch Tuesday Addresses 121 CVEs (CVE-2025-29824)
- Exploitation of CLFS zero-day leads to ransomware activity
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware
- Security updates available for Adobe ColdFusion | APSB25-15
- CVE-2024-48887 - Unverified password change via set_password endpoint
- WhatsApp flaw can let attackers run malicious code on Windows PCs
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Android Security Bulletin—April 2025
- Google fixes Android zero-days exploited in attacks, 60 other flaws
- How ToddyCat tried to hide behind AV software
- Windows Remote Desktop Protocol: Remote to Rogue
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- SOC Tempest with Google SecOps
- Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads
- Analyzing the BeaverTail Infostealer
- NEPTUNE RAT: An advanced Windows RAT with System Destruction Capabilities and Password Exfiltration from 270+ Applications
- WinRAR flaw bypasses Windows Mark of the Web security alerts
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- April Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-22457)
- Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
- Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
- Critical RCE Vulnerability in Apache Parquet (CVE-2025-30065) – Advisory and Analysis
- Fast Flux: A National Security Threat
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Tomcat in the Crosshairs: New Research Reveals Ongoing Attacks
- CVE-2025-24813 Detail
- Stripe API Skimming Campaign: Additional Victims and Insights
- RolandSkimmer: Silent Credit Card Thief Uncovered
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign
- Surge in Palo Alto Networks Scanner Activity Indicates Possible Upcoming Threats
- DPRK IT Workers Expanding in Scope and Scale
- Fourteen North Korean Nationals Indicted for Carrying Out Multi-Year Fraudulent Information Technology Worker Scheme and Related Extortions
- CrushFTP CVE-2025-2825 flaw actively exploited in the wild
- Federal Police (PF) combat criminal organization specialized in electronic bank fraud and money laundering
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- From Contagious to ClickFake Interview: Lazarus leveraging the ClickFix tactic
- The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques
- Operation HollowQuill: Malware delivered into Russian R&D Networks via Research Decoy PDFs
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Security Vulnerability fixed in Firefox 136.0.4, Firefox ESR 128.8.1, Firefox ESR 115.21.1
- The Shelby Strategy
- SUN:DOWN – Destabilizing the Grid via Orchestrated Exploitation of Solar Power Systems
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- RedCurl's Ransomware Debut: A Technical Deep Dive
- You will always remember this as the day you finally caught FamousSparrow
- Inside Atlantis AIO: Credential Stuffing Across 140+ Platforms
- CoffeeLoader: A Brew of Stealthy Techniques
- Malware found on npm infecting local package with reverse shell
- Blasting Past Webp: An analysis of the NSO BLASTPASS iMessage exploit
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

In “Got (Raw) Milk? The Small Family Dairy Farms Behind a Big Controversy,” Gravy producer Bianca Garcia takes listeners to Milky Way Farm, the last dairy in Anderson County, South Carolina, where raw milk sales are keeping the Peeler family afloat. Their neighbors have succumbed to the pressures that have defined a generation of farmers. Between 2003 and 2022, South Carolina—where the state beverage is a glass of cold milk—lost 75 percent of licensed dairy operations. They have found their market in a niche constituency, though the wider public might disapprove. Raw milk is a risky product, often considered a public health risk. Raw milk is unpasteurized, meaning it hasn't been through a sanitizing kill step. Scientists worry that it can make consumers vulnerable to bacterial or viral infection, but raw milk lovers can't get enough of the creamy taste and allegedly healthful properties. This debate is situated in what seems to be a public health emergency. Reports of bird flu infecting dairy cattle leave public health officials worried that drinking raw milk can spread disease. Under the Trump presidency, Secretary of the Department of Health and Human Services Robert F. Kennedy Jr. has vowed to increase public access to raw milk as a part of his Make America Healthy Again agenda. Raw influencers and “tradwives” promote it endlessly on social media. Through all this noise, it's easy to lose sense of the fact that this is an issue that starts on the farm. In this episode, you will hear from L.D. Peeler, acting patriarch of Milky Way Farm, his daughter, Iris, and son, Davis. Each plays a role on their small family farm, which raises 120 Jersey cows: Davis works on the farm, L.D. manages the finances, and Iris does the public relations. They each have different, but entangled, stories to tell. At Milky Way Farm, we are reminded that, just like any other food, raw milk starts with the land, the animals, and the people that make it possible. 
Guided by the community's desire for a tasty and safe product, the Peelers have shaped their business to meet this need. Thus, in the face of economic pressures of the dairy industry and cultural pressures around the product, they have risen above—like the cream beneath the lid of their bottled pints.

Episode references:
- CVE-2025-2783
- Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain
- CVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin
- EncryptHub linked to MMC zero-day attacks on Windows systems
- CVE-2025-22230
- The Curious Case of PlayBoy Locker
- Amid Reports of Worldwide Reboots, GreyNoise Observes In-the-Wild Activity Against DrayTek Routers
- Raspberry Robin: Copy Shop USB Worm Evolves to Initial Access Broker Enabling Other Threat Actor Attacks
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX
- Critical flaw in Next.js lets hackers bypass authorization
- New Phishing Campaign Uses Browser-in-the-Browser Attacks to Target Video Gamers/Counter-Strike 2 Players
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Weaver Ant, the Web Shell Whisperer: Tracking a Live China-nexus Operation
- VanHelsing, new RaaS in Town
- Oracle denies breach after hacker claims theft of 6 million data records
- Microsoft tweet thread about a new Latrodectus campaign
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Critical Cisco Smart Licensing Utility flaws now exploited in attacks
- Cisco Smart Licensing Utility Vulnerabilities (CVE-2024-20439 and CVE-2024-20440)
- CVE-2025-23120
- By Executive Order, We Are Banning Blacklists - Domain-Level RCE in Veeam Backup & Replication (CVE-2025-23120)
- RansomHub: Attackers Leverage New Custom Backdoor
- Unboxing Anubis: Exploring the Stealthy Tactics of FIN7's Latest Backdoor
- UAT-5918 targets critical infrastructure entities in Taiwan
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Virtue or Vice? A First Look at Paragon's Proliferating Spyware Operations
- Arcane stealer: We want all your data
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- /bin/live by Mente Binária
- ZDI-CAN-25373: Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns
- CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
- Operation AkaiRyū: MirrorFace invites Europe to Expo 2025 and revives ANEL backdoor
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Threat actors rapidly exploit new Apache Tomcat flaw following PoC release
- StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
- Technical Advisory: Mass Exploitation of CVE-2024-4577
- BitM Up! Session Stealing in Seconds Using the Browser-in-the-Middle Technique
- ClearFake's New Widespread Variant: Increased Web3 Exploitation for Malware Delivery
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts
- What Is The New Steganographic Campaign Distributing Multiple Malware
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
- SocGholish's Intrusion Techniques Facilitate Distribution of RansomHub Ransomware
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers
- 2025-03 Out-of-Cycle Security Bulletin: Junos OS: A local attacker with shell access can execute arbitrary code (CVE-2025-21590)
- #StopRansomware: Medusa Ransomware
- Analyzing OBSCURE#BAT: Threat Actors Lure Victims into Executing Malicious Batch Scripts to Deploy Stealthy Rootkits
- Lookout Discovers New Spyware by North Korean APT37
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability New - CVE-2025-24983
- Windows NTFS Information Disclosure Vulnerability New - CVE-2025-24984
- Windows Fast FAT File System Driver Remote Code Execution Vulnerability New - CVE-2025-24985
- Windows NTFS Information Disclosure Vulnerability New - CVE-2025-24991
- Windows NTFS Remote Code Execution Vulnerability New - CVE-2025-24993
- Microsoft Access Remote Code Execution Vulnerability New - CVE-2025-26630
- Microsoft Management Console Security Feature Bypass Vulnerability New - CVE-2025-26633
- Apple fixed the third actively exploited zero-day of 2025
- Exposure of Sensitive Information to an Unauthorized Actor
- Use of hardcoded key used for remote backup server password encryption
- XSS flaw in Fortiview/SecurityLogs pages
- Cross Site Request Forgery in admin endpoint
- Incorrect authorization in GUI console
- Multiple command injections on CLI
- Multiple format string vulnerabilities
- OS command injection on vm download feature
- Ballista – New IoT Botnet Targeting Thousands of TP-Link Archer Routers
- New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects
- DCRat backdoor returns
- Analyzing Elysium, a Variant of the Ghost (Cring) Ransomware Family
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Blind Eagle: …And Justice for All
- UTC−05:00
- SideWinder targets the maritime and nuclear sectors with an updated toolset
- CVE-2017-11882 - Microsoft Office Memory Corruption Vulnerability
- A Hit is made: Suspected India-based Sidewinder APT successfully cyber attacks Pakistan military focused targets
- AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Undocumented commands found in Bluetooth chip used by a billion devices
- RootedCON - Attacking Bluetooth the easy way
- CVE-2025-27840
- Ripple Co-founder's $150M XRP Heist Related to LastPass Hack: ZachXBT
- Feds seized $23 million in crypto stolen using keys from LastPass breaches
- Microsoft thread on X about Moonstone Sleet using Qlin
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Malvertising campaign leads to info stealers hosted on GitHub
- GreyNoise Detects Active Exploitation of Silk Typhoon-Linked CVEs
- Kibana 8.17.3 Security Update (ESA-2025-06)
- Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
- A Deep Dive into Strela Stealer and how it Targets European Countries
- Unmasking the new persistent attacks on Japan
- Unmasking GrassCall Campaign: The APT Behind Job Recruitment Cyber Scams
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- VMSA-2025-0004: VMware ESXi, Workstation, and Fusion updates address multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)
- Android Security Bulletin—March 2025
- Cellebrite zero-day exploit used to target phone of Serbian student activist
- Silk Typhoon targeting IT supply chain
- Unveiling EncryptHub: Analysis of a multi-stage malware campaign
- Not Lost in Translation: Rosetta 2 Artifacts in macOS Intrusions
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.

Episode references:
- Squidoor: Suspected Chinese Threat Actor's Backdoor Targets Global Organizations
- You've Got Malware: FINALDRAFT Hides in Your Drafts
- Winos 4.0 Spreads via Impersonation of Official Email to Target Users in Taiwan
- Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools
- Spring Dragon – Updated Activity
Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.