Project Verona, CurveBall, CableHaunt, and RCEs-a-plenty
Day[0] - Podcast autorstwa dayzerosec
Kategorie:
Start off with some discussions about Google, privacy, Rust, and entitlement within open-source software. Then we look at some of the big vulns of the past week including CurveBall, CabelHaunt, and an RDP RCE.
- [00:00:27] Chromium Blog: Building a more private web: A path towards making third party cookies obsolete
- [00:07:05] WeLeakInfo.com Domain Name Seized
- [00:13:39] A sad day for Rust
- [00:25:38] GitHub - microsoft/verona: Research programming language for concurrent ownership
- [00:37:30] Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer
- [00:47:16] Control Flow Integrity (CFI) in the Linux kernel
- [00:53:54] ADV200001 | Microsoft Guidance on Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674)
- [00:57:19] Netgear TLS Private Key Disclosure through Device Firmware Images
- [01:17:39] Cable Haunt
- [01:27:19] RDP to RCE: When Fragmentation Goes Wrong
- [01:31:46] Critical Auth Bypass Vulnerability In InfiniteWP Client And WP Time Capsule
- [01:37:48] cuck00 | Twenty-twenty, bugs aplenty!
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])