12 January 2021 Show Notes 59 - Universal Deserialization, Stealing Youtube Videos, and CTFs 00:00:36 Cybersecurity Knowledge and Skills Taught in Capture the Flag Challenges 00:10:36 Universal Deserialisation Gadget for Ruby 2.x-3.x 00:13:54 Stealing Your Private YouTube Videos, One Frame at a Time 00:21:43 Rocket.chat - SAML authentication bypass 00:25:49 curl is vulnerable to SSRF due to improperly parsing the host component of the URL 00:31:02 Issue 2095: Node.js: use-after-free in TLSWrap 00:35:28 Preventing Use-After-Free Attacks with Fast Forward Allocation 00:49:38 Automatic Techniques to Systematically Discover New Heap Exploitation Primitives 00:59:50 A Samsung RKP Compendium 01:11:32 Analyzing CVE-2020-16040 01:13:51 HexLasso Online 01:15:30 A Side Journey to Titan