652 - Zero-Day no FortiManager está sob ataque
Description
[Referências do Episódio]
Ada Lovelace Day 2024 - https://www.even3.com.br/ada-lovelace-day-2024-tempest/
FG-IR-24-423 - CVE-2024-47575 - Missing authentication in fgfmsd - https://fortiguard.fortinet.com/psirt/FG-IR-24-423
CVE-2024-47575: Frequently Asked Questions About FortiJump Zero-Day in FortiManager and FortiManager Cloud - https://www.tenable.com/blog/cve-2024-47575-faq-about-fortijump-zero-day-in-fortimanager-fortimanager-cloud
Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575) - https://cloud.google.com/blog/topics/threat-intelligence/fortimanager-zero-day-exploitation-cve-2024-47575/
CVE-2024-20424 - Cisco Secure Firewall Management Center Software Command Injection Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-v3AWDqN7
CVE-2024-20412 - Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5
Threat Spotlight: WarmCookie/BadSpace - https://blog.talosintelligence.com/warmcookie-analysis/
Highlighting TA866/Asylum Ambuscade Activity Since 2021 - https://blog.talosintelligence.com/highlighting-ta866-asylum-ambuscade/
Embargo ransomware: Rock’n’Rust - https://www.welivesecurity.com/en/eset-research/embargo-ransomware-rocknrust/
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia