18 February 2020

Show Notes 29 - A New PWK/OSCP, Election Hacking, Kernel Exploits, and Fuzzing

00:00:31 PWK and the OSCP Certification | Offensive Security
00:16:31 Rescheduling Root KSK Ceremony 40
00:20:23 The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz
         Additional Links: https://blog.voatz.com/?p=1209
00:49:33 Lateral movement via MSSQL: a tale of CLR and socket reuse
00:55:59 Fix for CVE-2018-12122 can be bypassed via keep-alive requests
01:00:36 A Trivial Privilege Escalation Bug in Windows Service Tracing (CVE-2020-0668)
         Additional Links: https://googleprojectzero.blogspot.com/2018/08/windows-exploitation-tricks-exploiting.html
01:05:09 Intel CSME Escalation of Privilege
01:07:49 Project Zero: A day^W^W Several months in the life of Project Zero
01:19:02 Project Zero: Mitigations are attack surface, too
         Additional Links: https://packetstormsecurity.com/files/156316/Samsung-Kernel-PROCA-Use-After-Free-Double-Free.html
01:33:50 Samsung SEND_FILE_WITH_HEADER Use-After-Free
01:36:00 Samsung /dev/tsmux Heap Out-Of-Bounds Write
01:40:03 Exploiting a Linux kernel vulnerability in the V4L2 subsystem (CVE-2019-18683)
01:45:18 KOOBE: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities
01:54:14 HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing
01:58:22 HYPER-CUBE: High-Dimensional Hypervisor Fuzzing
02:02:29 FIDO2 Deep Dive: Attestations, Trust model and Security
02:03:12 Hypervisor Necromancy; Reanimating Kernel Protectors