23 February 2021 Show Notes 65 - PDF Exploits, GPGME Making Mistakes EZ and Favicon Tracking 00:00:48 Brave browser leaks onion addresses in DNS traffic 00:07:05 Tales of Favicons and Caches: Persistent Tracking in Modern Browsers 00:18:12 Shadow Attacks: Hiding and Replacing Content in Signed PDFs 00:28:20 Getting Information Disclosure in Adobe Reader Through the ID Tag 00:32:42 Middleware everywhere and lots of misconfigurations to fix 00:43:05 GPGme used confusion, it's super effective ! 00:51:58 Bypassing the PIN in non-Visa Cards by Using Them for Visa Transactions 01:01:11 Hunting for bugs in Telegram's animated stickers remote attack surface 01:08:03 Expected Exploitability: Predicting the Development of Functional Vulnerability Exploits 01:20:27 Model Skewing Attacks on Machine Learning Models 01:21:37 Future of Exploit Development - 2021 and Beyond