Rogue Employees, Lasers, Fuzzing, and an iOS Exploit (checkra1n)
Day[0] - Un pódcast de dayzerosec
Categorías:
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])
- [1573502643] Blog launched, stream schedule, discord
- [1573503151] Pwn2Own Tokyo 2019
- [1573503418] Blog launched, stream schedule, discord
- [00:01:56] Pwn2Own Tokyo 2019
- [00:07:22] Pwn2Own Tokyo 2019
- [00:08:46] Google Begins Testing Extension manifest v3 in Chrome Canary
- [00:12:03] Rogue Trend Micro Employee Sold Customer Data for 68K Accounts
- [00:14:54] The DoJ charges former Twitter employees for allegedly accessing thousands of accounts on behalf of Saudi Arabia.
- [00:23:02] OpenTitan – Open sourcing transparent, trustworthy, and secure silicon
- [00:26:34] OpenTitan – Open sourcing transparent, trustworthy, and secure silicon
- [00:29:33] Sandboxie transitioning to open source
- [00:44:06] Facebook Groups API flaw exposed data to 100 developers
- [00:47:47] Laser-Based Audio Injection on Voice-Controllable Systems
- [00:54:07] Who is Real Bob? Adversarial Attacks on Speaker Recognition Systems
- [00:54:20] Laser-Based Audio Injection on Voice-Controllable Systems
- [00:57:11] Blog launched, stream schedule, discord\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cli>[1573503151] \u003Ca href='https://www.zerodayinitiative.com/blog/2019/11/5/welcome-to-pwn2own-tokyo-2019-schedule-and-live-updating-results'>Pwn2Own Tokyo 2019\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cli>[1573503418] \u003Ca href='https://dayzerosec.com/'>Blog launched, stream schedule, discord\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cli>[00:01:56] \u003Ca href='https://www.zerodayinitiative.com/blog/2019/11/5/welcome-to-pwn2own-tokyo-2019-schedule-and-live-updating-results'>Pwn2Own Tokyo 2019\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cul>\u003Cli>\u003Ca href='https://www.zerodayinitiative.com/Pwn2OwnTokyo2019Rules.html'>https://www.zerodayinitiative.com/Pwn2OwnTokyo2019Rules.html\u003C/a>\u003C/li>\u003C/ul>\u003Cbr />\\n\u003Cli>[00:07:22] \u003Ca href='https://www.zerodayinitiative.com/blog/2019/11/5/welcome-to-pwn2own-tokyo-2019-schedule-and-live-updating-results'>Pwn2Own Tokyo 2019\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cli>[00:08:46] \u003Ca href='https://www.bleepingcomputer.com/news/software/google-begins-testing-extension-manifest-v3-in-chrome-canary/'>Google Begins Testing Extension manifest v3 in Chrome Canary\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cli>[00:12:03] \u003Ca href='https://threatpost.com/trend-micro-rogue-employee-68k-customers/149946/'>Rogue Trend Micro Employee Sold Customer Data for 68K Accounts\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cli>[00:14:54] \u003Ca href='https://threatpost.com/twitter-employees-spied-saudi-arabia/150010/'>The DoJ charges former Twitter employees for allegedly accessing thousands of accounts on behalf of Saudi Arabia.\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cli>[00:23:02] \u003Ca href='https://opensource.googleblog.com/2019/11/opentitan-open-sourcing-transparent.html?m=1'>OpenTitan – Open sourcing transparent, trustworthy, and secure silicon\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cul>\u003Cli>\u003Ca href='https://arstechnica.com/information-technology/2019/11/newly-discovered-titanium-backdoor-employs-clever-ways-to-go-undetected/'>https://arstechnica.com/information-technology/2019/11/newly-discovered-titanium-backdoor-employs-clever-ways-to-go-undetected/\u003C/a>\u003C/li>\u003C/ul>\u003Cbr />\\n\u003Cli>[00:26:34] \u003Ca href='https://opensource.googleblog.com/2019/11/opentitan-open-sourcing-transparent.html?m=1'>OpenTitan – Open sourcing transparent, trustworthy, and secure silicon\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cli>[00:29:33] \u003Ca href='https://www.sandboxie.com/'>Sandboxie transitioning to open source\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cul>\u003Cli>\u003Ca href='https://arstechnica.com/information-technology/2019/11/newly-discovered-titanium-backdoor-employs-clever-ways-to-go-undetected/'>https://arstechnica.com/information-technology/2019/11/newly-discovered-titanium-backdoor-employs-clever-ways-to-go-undetected/\u003C/a>\u003C/li>\u003C/ul>\u003Cbr />\\n\u003Cul>\u003Cli>\u003Ca href='https://securelist.com/titanium-the-platinum-group-strikes-again/94961/'>https://securelist.com/titanium-the-platinum-group-strikes-again/94961/\u003C/a>\u003C/li>\u003C/ul>\u003Cbr />\\n\u003Cul>\u003Cli>\u003Ca href='https://arstechnica.com/information-technology/2019/11/newly-discovered-titanium-backdoor-employs-clever-ways-to-go-undetected/'>https://arstechnica.com/information-technology/2019/11/newly-discovered-titanium-backdoor-employs-clever-ways-to-go-undetected/\u003C/a>\u003C/li>\u003C/ul>\u003Cbr />\\n\u003Cli>[00:44:06] \u003Ca href='https://arstechnica.com/tech-policy/2019/11/facebook-groups-api-flaw-exposed-data-to-100-developers-company-says/'>Facebook Groups API flaw exposed data to 100 developers\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cli>[00:47:47] \u003Ca href='https://lightcommands.com/'>Laser-Based Audio Injection on Voice-Controllable Systems\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cli>[00:54:07] \u003Ca href='https://arxiv.org/abs/1911.01840v1'>Who is Real Bob? Adversarial Attacks on Speaker Recognition Systems\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cli>[00:54:20] \u003Ca href='https://lightcommands.com/'>Laser-Based Audio Injection on Voice-Controllable Systems\u003C/a>\u003C/li>\u003Cbr />\\n\u003Cli>[00:57:11] \u003Ca href='https://a\\n\",\"featured\":false,\"streamurl\":\"https://anchor.fm/s/a121a24/podcast/play/8425289/https%3A%2F%2Fd3ctxlq1ktw2nl.cloudfront.net%2Fproduction%2F2019-10-13%2F34028894-44100-2-1c7e1ecd6daf4.mp3\",\"spotifyEpisodeId\":null,\"podcastId\":\"3f398076-4799-451d-ab36-504aefeaaff4\",\"podcastSlug\":\"day0-zero-days-for-day-zero\",\"podcastTitle\":\"Day[0]\",\"thumbnailName\":\"9907f710-3d9c-11ea-9ebd-01d4ad214a67\",\"itunesImageUrl\":\"https://is5-ssl.mzstatic.com/image/thumb/Podcasts125/v4/a6/69/69/a6696919-3987-fbc0-8e0c-1ba0e1349a2b/mza_6631746544165345331.jpg\",\"imageName\":\"day0-zero-days-for-day-zero-p1w37GNWBw\"}"}