Show Notes

39 - Relyze Decompiler, jQuery XSS, Sandbox Escaping and 0-Click Mail RCE

00:00:41
Relyze Decompiler
00:22:14
Firefox's Bug Bounty in 2019 and into the Future
00:30:37
Source code for both CS:GO and TF2 Leaked
00:39:06
Fixing SQL injection vulnerability and malicious code execution in XG Firewall/SFOS
00:44:42
MSI TrueColor Unquoted Service Path Vulnerability
00:48:51
1-click RCE on Keybase
00:56:04
jQuery < 3.5 Cross-Site Scripting (XSS) in html()
Additional Links: https://xss.pwnfunction.com/challenges/ww3/
01:01:45
Multiple 0 day vulnerabilities in IBM Data Risk Manager
01:17:32
You Won't Believe what this One Line Change Did to the Chrome Sandbox
Additional Links: https://docs.microsoft.com/en-us/archive/blogs/david_leblanc/practical-windows-sandboxing-part-1
01:24:06
You’ve Got (0-click) Mail!
01:31:37
Sharing a Logon Session a Little Too Much
01:37:08
SEVurity: No Security Without Integrity - Breaking Integrity-Free Memory Encryption with Minimal Assumptions
Additional Links: https://0x0539.net/play/fangorn/crypto_cookie
01:47:18
MarkUs: Drop-in Use-After-Free Prevention for Low-Level Languages
01:54:45
Android 8.0-9.0 Bluetooth Zero-Click RCE [CVE-2020-0022]
01:57:34
Patchguard: Detection of Hypervisor Based Introspection
Additional Links: https://revers.engineering/patchguard-detection-of-hypervisor-based-instrospection-p2/
01:59:45
HITB Lockdown Livestream Day 1