201 - Bamboozling Bing and a Curl Gotcha

Some audio issues this week, sorry for the ShareX sound. But we have a few interesting issues. A curl quirk that it might be useful to be aware of, Azure Pipelines vulnerability abusing attacker controlled logging. A look at a pretty classic Android/mobile bug, and a crazy auth misconfiguration (BingBang).
 

200 Episodes of Dayzerosec

A look back at some statistics from our first 200 episodes of the dayzerosec podcast.
 

199 - Bypassing CloudTrail and Tricking GPTs

We are back with more discussion about applying AI/ChatGPT to security research, but before that we have a few interesting vulnerabilities. An OTP implementation that is too complex for its own good, a directory traversal leading to a guest to host VM escape, and server-side mime-sniffing.
 

198 - TOCTOUs in Intel SMM and Shannon Baseband Bugs

We've got a pretty nice root/super-use check bypass in XNU this week, and a sort of double fetch issue in Intel's SMM leading to a potential privilege escalation into the Management system. We've also got a few meme-able Shannon Baseband issues and some tough to exploit out of bound reads in MIT Kerberos V5.
 
3
4
5
6
7
8
9
10
11
12
13