Pwn2Own Results, Voatz (again), some web-exploits and a code-reuse mitigation
Day[0] - Un pódcast de dayzerosec
Categorías:
More discussion about election hacking with Voatz undergoing a more complete security assessment, we also discuss a few interesting web attacks and end with a good discussion about a new code-reuse mitigation: Hurdle.
- [00:00:20] Learn Exploit Development While Not Dying
- [00:02:10] Exploit Education
- [00:07:32] Pwn2Own Results
- [00:16:19] DEF CON CTF 2020 QUALS COVID-19 DELAY
- [00:22:30] Software Engineer - Jobs at Apple
- [00:30:56] Tesla Model 3 Denial of Service Vulnerability [CVE-2020-10558]
- [00:36:26] Trail of Bits - Voatz Security Review
- [01:01:49] XXE-scape through the front door: circumventing the firewall with HTTP request smuggling
- [01:08:12] Don't Clone That Repo: Visual Studio Code^2 Execution
- [01:14:22] [Hacker101] Race Condition leads to undeletable group member
- [01:19:58] JavaScript without parentheses using DOMMatrix
- [01:24:21] Hurdle: Securing Jump Instructions Against Code Reuse Attacks
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])