Código HTML do Conteúdo

Post: Boletim informativo de Assuntos de Segurança Rodada 536 por Pierluigi Paganini – EDIÇÃO INTERNACIONAL

<div> <h2>Boletim informativo de Assuntos de Seguran&ccedil;a Rodada 536 por Pierluigi Paganini &ndash; EDI&Ccedil;&Atilde;O INTERNACIONAL</h2> <h2>Uma nova rodada do boletim semanal de Assuntos de Seguran&ccedil;a chegou! Toda semana, os melhores artigos de seguran&ccedil;a da Security Affairs s&atilde;o gratuitos em sua caixa de e-mail.</h2> <p>Desfrute de uma nova rodada do boletim semanal SecurityAffairs, incluindo a imprensa internacional.</p> <p><strong>Imprensa Internacional &ndash; Newsletter</strong></p> <p><strong>Cibercrime<a target="_blank"></a></strong></p> <p><a href="https://blog.mozilla.org/addons/2025/08/01/warning-phishing-campaign-detected/" target="_blank">Aviso: campanha de phishing detectada</a></p> <p><a href="https://about.fb.com/news/2025/08/new-whatsapp-tools-tips-beat-messaging-scams/" target="_blank">Novas ferramentas e dicas do WhatsApp para vencer golpes de mensagens</a></p> <p><a href="https://www.zscaler.com/blogs/security-research/genai-used-phishing-websites-impersonating-brazil-s-government" target="_blank">GenAI usado para sites de phishing que se passam pelo governo do Brasil</a></p> <p><a href="https://www.ctm360.com/reports/fraudontok-tiktok-shop-scam-report" target="_blank">FraudOnTok</a></p> <p><a href="https://www.fincen.gov/news/news-releases/fincen-issues-notice-use-convertible-virtual-currency-kiosks-scam-payments-and" target="_blank">FinCEN emite aviso sobre o uso de quiosques de moeda virtual convers&iacute;vel para pagamentos fraudulentos e outras atividades il&iacute;citas</a></p> <p><a href="https://www.justice.gov/usao-sdny/pr/nigerian-man-extradited-face-hacking-fraud-and-identity-theft-charges" target="_blank">Homem nigeriano extraditado para enfrentar acusa&ccedil;&otilde;es de hacking, fraude e roubo de identidade</a></p> <p><a href="https://fieldeffect.com/blog/update-akira-ransomware-group-targets-sonicwall-vpn-appliances" target="_blank">Atualiza&ccedil;&atilde;o: grupo de ransomware Akira tem como alvo os dispositivos SonicWall VPN</a></p> <p><a href="https://www.bleepingcomputer.com/news/security/columbia-university-data-breach-impacts-nearly-870-000-students-applicants-employees/" target="_blank">Viola&ccedil;&atilde;o de dados da Universidade de Columbia afeta quase 870.000 indiv&iacute;duos</a></p> <p><a href="https://krebsonsecurity.com/2025/08/who-got-arrested-in-the-raid-on-the-xss-crime-forum/" target="_blank">Quem foi preso na invas&atilde;o do XSS Crime Forum?</a></p> <p><a href="https://www.trmlabs.com/resources/blog/unmasking-embargo-ransomware-a-deep-dive-into-the-groups-ttps-and-blackcat-links" target="_blank">Desmascarando o Embargo Ransomware: Um Mergulho Profundo nos TTPs e Links BlackCat do Grupo</a></p> <p><strong>Malware</strong><strong></strong></p> <p><a href="https://arcticwolf.com/resources/blog/arctic-wolf-observes-july-2025-uptick-in-akira-ransomware-activity-targeting-sonicwall-ssl-vpn/" target="_blank">Arctic Wolf observa aumento em julho de 2025 na atividade do Akira Ransomware direcionada &agrave; VPN SSL da SonicWall</a></p> <p><a href="https://www.bitsight.com/blog/toxicpanda-android-banking-malware-2025-study" target="_blank">ToxicPanda: o Trojan banc&aacute;rio Android direcionado &agrave; Europa</a></p> <p><a href="https://guard.io/labs/captchageddon-unmasking-the-viral-evolution-of-the-clickfix-browser-based-threat" target="_blank">&ldquo;CAPTCHAgeddon&rdquo; Desmascarando a Evolu&ccedil;&atilde;o Viral da Amea&ccedil;a Baseada no Navegador ClickFix</a></p> <p><a href="https://socket.dev/blog/11-malicious-go-packages-distribute-obfuscated-remote-payloads" target="_blank">11 pacotes Go maliciosos distribuem cargas remotas ofuscadas</a></p> <p><a href="https://unit42.paloaltonetworks.com/new-darkcloud-stealer-infection-chain/" target="_blank">Nova Cadeia de Infec&ccedil;&atilde;o e Ofusca&ccedil;&atilde;o Baseada em ConfuserEx para DarkCloud Stealer</a></p> <p><strong>Hacking</strong></p> <p><a href="https://bobdahacker.com/blog/lovense-still-leaking-user-emails" target="_blank">Lovense: a empresa que mente para pesquisadores de seguran&ccedil;a</a></p> <p><a href="https://www.wiz.io/blog/nvidia-triton-cve-2025-23319-vuln-chain-to-ai-server" target="_blank">Quebrando NVIDIA Triton: CVE-2025-23319 &ndash; Uma cadeia de vulnerabilidades que leva &agrave; aquisi&ccedil;&atilde;o do servidor de IA</a></p> <p><a href="https://www.huntress.com/blog/exploitation-of-sonicwall-vpn" target="_blank">Huntress Threat Advisory: Explora&ccedil;&atilde;o ativa de VPNs da SonicWall</a></p> <p><a href="https://thehackernews.com/2025/08/google-fixes-3-android-vulnerabilities.html" target="_blank">O patch de agosto do Google corrige duas vulnerabilidades da Qualcomm exploradas na natureza</a></p> <p><a href="https://thehackernews.com/2025/08/trend-micro-confirms-active.html" target="_blank">Trend Micro confirma explora&ccedil;&atilde;o ativa de falhas cr&iacute;ticas do Apex One em sistemas locais</a></p> <p><a href="https://blog.talosintelligence.com/revault-when-your-soc-turns-against-you/" target="_blank">ReVault! Quando seu SoC se volta contra voc&ecirc;&hellip;</a></p> <p><a href="https://www.securityweek.com/red-teams-breach-gpt-5-with-ease-warn-its-nearly-unusable-for-enterprise/" target="_blank">Red Teams Jailbreak GPT-5 com facilidade, avisam que &eacute; &lsquo;quase inutiliz&aacute;vel&rsquo; para empresas</a></p> <p><strong>Intelig&ecirc;ncia e guerra de informa&ccedil;&atilde;o</strong></p> <p><a href="https://unit42.paloaltonetworks.com/infiltration-of-global-telecom-networks/" target="_blank">O Manual do Operador Secreto: Infiltra&ccedil;&atilde;o de Redes Globais de Telecomunica&ccedil;&otilde;es</a></p> <p><a href="https://therecord.media/hacked-crimean-servers-abducted-children" target="_blank">Servidores hackeados da Crimeia revelam informa&ccedil;&otilde;es sobre crian&ccedil;as sequestradas, diz Ucr&acirc;nia</a></p> <p><a href="https://cert.gov.ua/article/6284949" target="_blank">Kit de ferramentas UAC-0099 atualizado: MATCHBOIL, MATCHWOK, DRAGSTARE</a></p> <p><a href="https://www.bleepingcomputer.com/news/security/winrar-zero-day-flaw-exploited-by-romcom-hackers-in-phishing-attacks/" target="_blank">WinRAR zero-day explorado para plantar malware na extra&ccedil;&atilde;o de arquivos</a></p> <p><a href="https://therecord.media/germany-spyware-limitations-court-rules" target="_blank">O principal tribunal da Alemanha considera que a pol&iacute;cia s&oacute; pode usar spyware para investigar crimes graves</a></p> <p><a href="https://www.theguardian.com/world/2025/aug/06/microsoft-israeli-military-palestinian-phone-calls-cloud" target="_blank">&lsquo;Um milh&atilde;o de chamadas por hora&rsquo;: Israel confia na nuvem da Microsoft para vigil&acirc;ncia expansiva de palestinos</a></p> <p><strong>Ciberseguran&ccedil;a</strong></p> <p><a href="https://www.securityweek.com/chinese-researchers-suggest-lasers-and-sabotage-to-counter-musks-starlink-satellites/" target="_blank">Pesquisadores chineses sugerem lasers e sabotagem para combater os sat&eacute;lites Starlink de Musk</a></p> <p><a href="https://thehackernews.com/2025/08/sonicwall-investigating-potential-ssl.html" target="_blank">SonicWall investiga poss&iacute;vel VPN SSL de dia zero ap&oacute;s 20+ ataques direcionados relatados</a></p> <p><a href="https://www-psychologytoday-com.cdn.ampproject.org/c/s/www.psychologytoday.com/us/blog/the-algorithmic-mind/202508/ai-rewrote-its-code-when-i-asked-about-human-nature/amp" target="_blank">A IA reescreveu seu c&oacute;digo quando perguntei sobre a natureza humana</a></p> <p><a href="https://www.securityweek.com/cisco-says-user-data-stolen-in-crm-hack/" target="_blank">Cisco diz que dados de usu&aacute;rios foram roubados em hack de CRM</a></p> <p><a href="https://www.helpnetsecurity.com/2025/07/16/human-cybersecurity-risk-employees/" target="_blank">A maior parte do risco de seguran&ccedil;a cibern&eacute;tica vem de apenas 10% dos funcion&aacute;rios</a></p> <p><a href="https://www.securityweek.com/organizations-warned-of-vulnerability-in-microsoft-exchange-hybrid-deployment/" target="_blank">Organiza&ccedil;&otilde;es alertadas sobre vulnerabilidade na implanta&ccedil;&atilde;o h&iacute;brida do Microsoft Exchange</a></p> <p><a href="https://www.bleepingcomputer.com/news/security/air-france-and-klm-disclose-data-breaches-impacting-customers/" target="_blank">Air France e KLM divulgam viola&ccedil;&otilde;es de dados que afetam os clientes</a></p> <p><a href="https://www.securityweek.com/google-discloses-salesforce-hack/" target="_blank">Google divulga viola&ccedil;&atilde;o de dados por meio de hack do Salesforce</a></p> <p><a href="https://blog.pypi.org/posts/2025-08-07-wheel-archive-confusion-attacks/#wheels-are-zips-and-zips-are-complicated" target="_blank">Evitando ataques de confus&atilde;o do analisador ZIP em instaladores de pacotes Python</a></p> <p><a href="https://www.channelweb.co.uk/news/2025/europe-prioritising-spend-properly-as-h1-cybersecurity-market-hits-double-digit-growth" target="_blank">Europa prioriza gastos adequadamente &agrave; medida que o mercado de seguran&ccedil;a cibern&eacute;tica do 1&ordm; semestre atinge crescimento de dois d&iacute;gitos</a></p> <p>Siga-me no Twitter:<a href="https://twitter.com/securityaffairs" target="_blank">@securityaffairs</a>e<a href="https://www.facebook.com/sec.affairs" target="_blank">Linkedin</a>e<a href="https://infosec.exchange/@securityaffairs" target="_blank">Mastodonte</a></p> <p><a href="http://www.linkedin.com/pub/pierluigi-paganini/b/742/559" target="_blank">PierluigiPaganini</a></p> <p>(<a href="http://securityaffairs.co/wordpress/" target="_blank">Assuntos de Seguran&ccedil;a</a>&ndash;hacking,boletim informativo)</p> <hr> <hr> </div>