684 - Patch tuesday de dezembro tem zero-day no Windows sendo explorado em ataques
Description
[Referências do Episódio]
Atualizações de Segurança de dezembro de 2024 - https://msrc.microsoft.com/update-guide/releaseNote/2024-Dec
December Security Update - https://www.ivanti.com/blog/december-security-update
SAP Security Patch Day – December 2024 - https://support.sap.com/en/my-support/knowledge-base/security-notes-news/december-2024.html
CISA Releases Seven Industrial Control Systems Advisories - https://www.cisa.gov/news-events/alerts/2024/12/10/cisa-releases-seven-industrial-control-systems-advisories
AppLite: A New AntiDot Variant Targeting Mobile Employee Devices - https://www.zimperium.com/blog/applite-a-new-antidot-variant-targeting-mobile-employee-devices/
Inside Zloader’s Latest Trick: DNS Tunneling - https://www.zscaler.com/blogs/security-research/inside-zloader-s-latest-trick-dns-tunneling
Silent Push Unwraps the AIZ—Aggressive Inventory Zombies—Retail & Crypto Phishing Network Campaign - https://www.silentpush.com/blog/aiz-retail-crypto-phishing/
Inside a New OT/IoT Cyberweapon: IOCONTROL - https://claroty.com/team82/research/inside-a-new-ot-iot-cyber-weapon-iocontrol
Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels - https://www.sentinelone.com/labs/operation-digital-eye-chinese-apt-compromises-critical-digital-infrastructure-via-visual-studio-code-tunnels/
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia
United States
