iOS 0days are worthless, PrintDemon, and a takeover of hackerone
Day[0] - Podcast autorstwa dayzerosec
Kategorie:
Are iOS 0days now worthless? Can you hack a satellite...or hackerone? Are WAFs worthwhile? And more on a fairly discussion heavy episode of DAY[0].
- [00:00:52] [UPDATE] Huawei HKSP Introduces Trivially Exploitable Vulnerability
- [00:11:59] iOS one-click chains prices likely to drop
- [00:33:30] Defcon Quals 2020
- [00:46:33] vBulletin 5.6.1 SQL Injection
- [00:52:52] Subdomain takeover of resources.hackerone.com
- [01:01:11] MyLittleAdmin PreAuth RCE
- [01:06:13] DOM-Based XSS at accounts.google.com by Google Voice Extension.
- [01:16:47] Playing with GZIP: RCE in GLPI [CVE-2020-11060]
- [01:36:24] Reverse RDP - The Path Not Taken
- [01:44:19] PrintDemon: Print Spooler Privilege Escalation, Persistence & Stealth [CVE-2020-1048]
- [01:53:34] Security Flaws in Adobe Acrobat Reader Allow Malicious Program to Gain Root on macOS Silently
- [02:00:29] Cloud WAF Comparison Using Real-World Attacks
- [02:18:20] Fuzzing TLS certificates from their ASN.1 grammar
- [02:22:25] DHS CISA and FBI share list of top 10 most exploited vulnerabilities
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])