Go offline with the Player FM app!
Bhyves and Evil LEDs (+Roulette)
Manage episode 272722456 series 2606557
A "trivial" Bhyve VM escape, a BitWarden "RCE", a ModSecurity "Denial of Service" and more scare quotes for your enjoyment in this week's episode.
- [00:00:33] Patient Dies After Ransomware Attack
- [00:08:05] Zerologon [CVE-2020-1472]
- [00:14:29] BitWarden Blind HTTP GET SSRF
- [00:23:40] Apache + PHP under v7.4.10 open_basedir bypass
- [00:29:59] ModSecurity v3 Affected By DoS (Severity HIGH) [CVE-2020-15598]
- [00:38:09] Bhyve VM Escape
- [00:42:59] Webkit aboutBlankURL() code execution vulnerability
- [00:48:28] CVE-2020-9964 - An iOS infoleak
- [00:51:44] Online Casino Roulette - A guideline for pen testers
- [00:56:40] Light Can Hack Your Face! Black-box Backdoor Attack on Face Recognition
- [01:03:06] UniFuzz: Optimizing Distributed Fuzzing via Dynamic Centralized Task Scheduling
- [01:12:07] FANS: Fuzzing Android Native System Services via Automated Interface Analysis
- [01:19:52] OneFuzz framework, an open source developer tool to find and fix bugs at scale
- [01:28:35] Finding Australian Prime Minister Tony Abbott's passport number
- [01:34:08] ARM64 Reversing and Exploitation
- [01:37:25] Hypervisor Exploitation Compiled Research List
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])
255 episodes
Manage episode 272722456 series 2606557
A "trivial" Bhyve VM escape, a BitWarden "RCE", a ModSecurity "Denial of Service" and more scare quotes for your enjoyment in this week's episode.
- [00:00:33] Patient Dies After Ransomware Attack
- [00:08:05] Zerologon [CVE-2020-1472]
- [00:14:29] BitWarden Blind HTTP GET SSRF
- [00:23:40] Apache + PHP under v7.4.10 open_basedir bypass
- [00:29:59] ModSecurity v3 Affected By DoS (Severity HIGH) [CVE-2020-15598]
- [00:38:09] Bhyve VM Escape
- [00:42:59] Webkit aboutBlankURL() code execution vulnerability
- [00:48:28] CVE-2020-9964 - An iOS infoleak
- [00:51:44] Online Casino Roulette - A guideline for pen testers
- [00:56:40] Light Can Hack Your Face! Black-box Backdoor Attack on Face Recognition
- [01:03:06] UniFuzz: Optimizing Distributed Fuzzing via Dynamic Centralized Task Scheduling
- [01:12:07] FANS: Fuzzing Android Native System Services via Automated Interface Analysis
- [01:19:52] OneFuzz framework, an open source developer tool to find and fix bugs at scale
- [01:28:35] Finding Australian Prime Minister Tony Abbott's passport number
- [01:34:08] ARM64 Reversing and Exploitation
- [01:37:25] Hypervisor Exploitation Compiled Research List
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])
255 episodes
All episodes
×Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.