689 - Falha de RCE no Apache Struts 2 está sendo explorada
Description
[Referências do Episódio]
S2-067 - CVE-2024-53677 - https://cwiki.apache.org/confluence/display/WW/S2-067
New critical Apache Struts flaw exploited to find vulnerable servers - https://www.bleepingcomputer.com/news/security/new-critical-apache-struts-flaw-exploited-to-find-vulnerable-servers/
2024-12 Reference Advisory: Session Smart Router: Mirai malware found on systems when the default password remains unchanged - https://supportportal.juniper.net/s/article/2024-12-Reference-Advisory-Session-Smart-Router-Mirai-malware-found-on-systems-when-the-default-password-remains-unchanged?language=en_US
Hidden in Plain Sight: TA397’s New Attack Chain Delivers Espionage RATs - https://www.proofpoint.com/us/blog/threat-insight/hidden-plain-sight-ta397s-new-attack-chain-delivers-espionage-rats
Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks - https://www.trendmicro.com/en_us/research/24/l/earth-koshchei.html
TAG Bulletin: Q4 2024 - https://blog.google/threat-analysis-group/tag-bulletin-q4-2024/
Effective Phishing Campaign Targeting European Companies and Institutions - https://unit42.paloaltonetworks.com/european-phishing-campaign/
BADBOX Botnet Is Back - https://www.bitsight.com/blog/badbox-botnet-back
Roteiro e apresentação: Carlos Cabral e Bianca Oliveira
Edição de áudio: Paulo Arruzzo
Narração de encerramento: Bianca Garcia