Raccoons, Incomplete fixes and Kernel Exploits
Day[0] - A podcast by dayzerosec
Leading off this week's discussion is the news about the now remote CCC and Offensive Security's plans to retire OSCE. On the exploit side of things, this week we have a few recent bug bounties including a Google Maps XSS, a FreeBSD TOCTOU, and a couple of Linux kernel vulnerabilities.

[00:02:30] CCC going remote this year due to pandemic
[00:09:44] NVIDIA to Acquire Arm for $40 Billion
[00:20:36] OSCE being retired https://ringzer0.training/
[00:34:21] Giggle; laughable security
[00:44:51] Raccoon Attack https://portswigger.net/daily-swig/researchers-exploit-http-2-wpa3-protocols-to-stage-highly-efficient-timeless-timing-attacks
[00:53:34] Executing arbitrary code on NVIDIA GeForce NOW VMs
[01:02:07] Cache poisoning via X-Forwarded-Host
[01:08:56] Team object in GraphQL disclosed private_comment
[01:14:08] XSS->Fix->Bypass: 10000$ bounty in Google Maps
[01:28:33] Microsoft Sharepoint and Exchange Server Vulnerabilities
[01:45:35] Short story of 1 Linux Kernel Use-After-Free and 2 CVEs
[01:53:25] FreeBSD Kernel Privilege Escalation [CVE-2020-7460]
[02:02:47] WSL 2.0 dxgkrnl Driver Memory Corruption
[02:10:46] Project Zero: Attacking the Qualcomm Adreno GPU
[02:16:03] GoogleCTF 2020 Challenge Source + Exploits Release
[02:20:08] IDA Pro Tips to Add to Your Bag of Tricks
[02:20:48] Reverse Engineering: Marvel's Avengers - Developing a Server Emulator

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST), or the video archive on YouTube (@DAY[0]).