Day[0]

Project Verona, CurveBall, CableHaunt, and RCEs-a-plenty

Listen Later

Start off with some discussions about Google, privacy, Rust, and entitlement within open-source software. Then we look at some of the big vulns of the past week including CurveBall, CabelHaunt, and an RDP RCE.

 

  • [00:00:27] Chromium Blog: Building a more private web: A path towards making third party cookies obsolete

  • [00:07:05] WeLeakInfo.com Domain Name Seized

  • [00:13:39] A sad day for Rust

  • [00:25:38] GitHub - microsoft/verona: Research programming language for concurrent ownership

    • https://github.com/microsoft/verona/blob/master/docs/explore.md

  • [00:37:30] Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer

  • [00:47:16] Control Flow Integrity (CFI) in the Linux kernel

  • [00:53:54] ADV200001 | Microsoft Guidance on Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674)

  • [00:57:19] Netgear TLS Private Key Disclosure through Device Firmware Images

    • https://news.ycombinator.com/item?id=22048619

    • https://github.com/ollypwn/CVE-2020-0601/blob/master/main.rb

  • [01:17:39] Cable Haunt

  • [01:27:19] RDP to RCE: When Fragmentation Goes Wrong

  • [01:31:46] Critical Auth Bypass Vulnerability In InfiniteWP Client And WP Time Capsule

  • [01:37:48] cuck00 | Twenty-twenty, bugs aplenty!

    •  

    Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)

    Or the video archive on Youtube (@DAY[0])

    ...more
    View all episodesView all episodes
    Download on the App Store
    Day[0]By dayzerosec
    • 4
    • 4
    • 4
    • 4
    • 4

    4

    10 ratings

    More shows like Day[0]

    View all
    Critical Thinking - Bug Bounty Podcast by Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)

    Critical Thinking - Bug Bounty Podcast

    56 Listeners