Vulnerability Disclosure 15/July/2024 Cross-Site Scripting (XSS) vulnerabilities and direct unauthenticated access found in the LumisXP Framework This publication focuses on the discovery of flaws that allow the execution of arbitrary scripts (HTML/JavaScript) and unauthorized access in applications using LumisXP, without the need for authentication
Vulnerability Disclosure 28/February/2024 CVEs: Access control vulnerabilities found within Multilaser routers’ web management interface This publication deals with the discovery of security flaws that may enable unauthorized access and control of Multilaser router configurations
Vulnerability Disclosure 18/May/2023 CVE-2023-27233: SQL Command Execution Vulnerability in Piwigo 13.5.0 Survey reveals weakness in the open source software, allowing the execution of arbitrary SQL commands
Vulnerability Disclosure 17/May/2023 CVE-2023-26876: SQL injection vulnerability found in Piwigo image management software Security flaw may allow unauthorized access and retrieval of sensitive server data
Community 18/January/2023 Fraud in E-commerces – Brazilian Perspective The success of e-commerces in Brazil is unquestionable and, of course, carries the same burden of fraud growth. In 2021, for example, there was a loss of more than BRL 7 billion related to fraud attempts, an increase of 100% compared to the previous year
HARDENING 05/January/2023 Methodology for Security Analysis in Operating Systems from the Compliance Management Perspective These vulnerable environment scenarios are part of the reality experienced by security teams, who work on the daily assessment of systems in order to protect assets from vulnerabilities that affect critical devices or systems in companies
THREAT INTELLIGENCE 20/December/2022 New Chaes campaign uses Windows Management Instrumentation Command-Line Utility Tempest's Threat Intelligence team recently identified a new campaign by the Chaes malware operators, in which there's a heavy use of Windows Management Instrumentation Command-Line Utility (WMIC) during the infection phase and in the theft of victim data
Detection Engineering 09/November/2022 Empowering Intrusion Detection Systems with Machine Learning – Part 5 of 5 Intrusion Detection using Generative Adversarial Networks
Detection Engineering 26/October/2022 Empowering Intrusion Detection Systems with Machine Learning – Part 4 of 5 Intrusion Detection using Autoencoders
Detection Engineering 13/October/2022 Empowering Intrusion Detection Systems with Machine Learning – Part 3 of 5 One-Class Novelty Detection Intrusion Detection Systems
Vulnerability Disclosure 30/September/2022 CVE-2022-2863: WordPress plugin WPvivid Backup in version 0.9.76 and lower, allows reading of arbitrary files from server Developers of the plugin have patched and released an update correcting the glitch in a later version
Detection Engineering 18/August/2022 Empowering Intrusion Detection Systems with Machine Learning – Part 2 of 5 Clustering-Based Unsupervised Intrusion Detection Systems
Software Security 05/August/2022 Compromise Indicators in incident detection and false positive reduction in practice Given the complexity and advance of threats to computing environments, such as the spread of ransomware attacks that have been growing in recent years (KENNEALLY, 2021), analyzing threats thoroughly and intelligently is crucial
Detection Engineering 20/July/2022 MISP Broker Tempest's team of researchers develop and share a tool to assist in activities carried out by defensive security analysts
THREAT INTELLIGENCE 11/July/2022 Stealers, access sales and ransomware: supply chain and business models in cybercrime Although incidents arising from such activities happen mostly in the computational universe, their impacts are not restricted to the digital world, and can affect people, institutions, cities, or even countries
Detection Engineering 23/June/2022 Empowering Intrusion Detection Systems with Machine Learning – Part 1 of 5 Signature vs. Anomaly-Based Intrusion Detection Systems
Vulnerability Disclosure 25/May/2022 CVE-2021-46426: phpIPAM 1.4.4 allows reflected XSS and CSRF via subnets functionality Its version 1.4.4 is vulnerable to Reflected Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF) attacks
Vulnerability Disclosure 25/May/2022 CVE-2021-30140: XSS Vulnerability Detection in Liquid Files LiquidFiles 3.4.15 has stored XSS via "send email" functionality when emailing a file to an administrator.
THREAT INTELLIGENCE 02/May/2022 Mekotio banking trojan identified in a new campaign against Brazilian account holders The Trojan, which supposedly originated in Brazil, has divided its infection process into multiple stages in order to make the work of malware analysts more difficult
Cybersec Customer Success 26/April/2022 Information Security: Policies for Clean Desks and Screens Information security (IS) is directly related to protecting a set of information, in the sense of preserving the value it holds for an individual or an organization
Corporate Security 12/November/2019 Information Security Risk Management — Analytical Thinking A brief risk management analysis based on ISO / IEC 27005: 2011 — Information Technology — Security Techniques — Information Security Risk Management
Intelligence 01/October/2019 Phishing campaign spreads malware to Facebook users in Brazil and Mexico Sponsored ads offered discount coupons to distribute a malicious Chrome extension, among other threats
Cryptography 05/September/2019 A brief analysis of data compression security issues Many applications compress data before it is encrypted, which, in some cases, may compromise the confidentiality of the transmitted data
Intelligence 28/August/2018 Fake stores, “boletos” and WhatsApp: Uncovering a Phishing-as-a-Service operation This activity relies on platforms that sell fake e-commerce (fake stores)
Intelligence 20/August/2018 Hakai botnet shows signs of intense activity in Latin America This botnet has been detected by our sensors 134 times just this month
Intelligence 01/August/2018 New attempts to attack D-Link devices in Brazil are detected Tempest monitoring team identified the activity of 11 botnets attempting to exploit device flaws
Intelligence 25/July/2018 New variant of the Mirai botnet has activity detected in Brazil Botnet tries to exploit vulnerabilities in routers and monitoring systems
Vulnerability Disclosure 20/March/2018 Hola VPN software flaw could lead to privilege escalation If exploited, the vulnerability allows for privilege escalation in the operating system, allowing the attacker to get full control over the victim’s computer
News 16/January/2018 New threats expose risk of attacks on satellite communication systems on ships These vulnerabilities would allow access to internal systems of offshore vessels
Vulnerability Disclosure 08/January/2018 Password manager flaw allows for arbitrary command execution The flaw was found in the latest version of the software (4.9.3)
Uncategorized 16/June/2017 Pacemakers may be vulnerable to cyberattacks, study finds More than 8,000 vulnerabilities have been discovered in several models. In the UK the number of implanted devices exceeds 400 per million inhabitants