627 - Ataques exploram nova falha no Ivanti CSA

[Referências do Episódio] [TREND MICRO NO FORRESTER] - https://www.trendmicro.com/explore/forrester-wave-xdr/01054-v1-en-www  Security Advisory Ivanti Cloud Service Appliance (CSA) (CVE-2024-8190) - https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190?language=en_US  Attacking PowerShell CLIXML Deserialization - https://www.truesec.com/hub/blog/attacking-powershell-clixml-deserialization  Gomorrah Stealer v5.1: An In-Depth Analysis of a .NET-Based Malware - https://www.cyfirma.com/research/gomorrah-stealer-v5-1-an-in-depth-analysis-of-a-net-based-malware/ CUCKOO SPEAR Part 1: Analyzing NOOPDOOR from an IR Perspective - https://www.cybereason.com/blog/cuckoo-spear-analyzing-noopdoor  Stealthy Fileless Attack Targets Attendees of Upcoming US-Taiwan Defense Industry Event - https://cyble.com/blog/stealthy-fileless-attack-targets-attendees-of-us-taiwan-defense-industry-event/  Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers - https://thehackernews.com/2024/09/apple-vision-pro-vulnerability-exposed.html  Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/distributed-denial-of-truth-ddot-the-mechanics-of-influence-operations-and-the-weaponization-of-social-media/  CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability - https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29847-deep-dive-ivanti-endpoint-manager-agentportal-deserialization-of-untrusted-data-remote-code-execution-vulnerability/  Roteiro e apresentação: Carlos Cabral e Bianca Oliveira Edição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia

There are no comments yet.

Please log in to write the first comment.