668 - Zero-days em Firewalls Palo Alto Networks e Fortinet seguem sob ataque
Description
[Referências do Episódio]
PAN-SA-2024-0015 Critical Security Bulletin: Ensure Access to Management Interface is Secured - https://security.paloaltonetworks.com/PAN-SA-2024-0015
BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA - https://www.volexity.com/blog/2024/11/15/brazenbamboo-weaponizes-forticlient-vulnerability-to-steal-vpn-credentials-via-deepdata/
FG-IR-24-423 - Missing authentication in fgfmsd - https://fortiguard.fortinet.com/psirt/FG-IR-24-423
Hop-Skip-FortiJump-FortiJump-Higher - Fortinet FortiManager CVE-2024-47575 - https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/
Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices - https://www.trendmicro.com/en_us/research/24/k/water-barghest.html
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
United States
