30 March 2021
Show Notes
70 - Google exposes an APT campaign, PHP owned, and Several Auth Issues

00:00:46 Google's unusual move to shut down an active counterterrorism operation being conducted by a Western democracy
00:21:48 PHP Git Compromised
    Additional Links:
    https://github.com/php/php-src/commit/2b0f239b211c7544ebc7a4cd2c977a5b7a11ed8a
00:32:24 [Google Chrome] File System Access API vulnerabilities
00:37:58 Indexing of urls on the "External link warning" pages discloses many vulnerable endpoints from the past and unlisted videos/photos
00:42:05 GHSL-2020-323: Template injection in a GitHub workflow of geek-cookbook
00:47:58 H2C Smuggling in the Wild
    Additional Links:
    https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c
00:53:27 H2C Smuggling in the Wild
00:57:18 Multiple Authorization bypass issues in Google's Richmedia Studio
01:06:15 DD-WRT UPNP Buffer Overflow
    Additional Links:
    https://github.com/mirror/dd-wrt/commit/da1d65a2ec471f652c77ae0067544994cdaf5e27
    https://github.com/mirror/dd-wrt/blob/da1d65a2ec471f652c77ae0067544994cdaf5e27/src/router/upnp/src/ssdp.c
01:10:36 GHSL-2021-045: Integer Overflow in GLib - [CVE-2021-27219]
01:14:12 Qualcomm IPQ40xx: Analysis of Critical QSEE Vulnerabilities
01:22:50 One day short of a full chain: Part 3 - Chrome renderer RCE
    Additional Links:
    https://source.chromium.org/chromium/chromium/src/+/e4c27b508976fb751ccd4d34e52b70b668618271?originalUrl=https%2F%2F%2F%2F%2F%2F%2F:%2F%2F%2F%2F%2F%2F%2F%2F%2Fcs.chromium.org%2F
01:35:37 Chat Question: Where to learn about Windows Heap exploitation
01:39:44 Adobe Reader CoolType arbitrary stack manipulation in Type 1/Multiple Master othersubrs 14-18
01:46:26 Eliminating XSS from WebUI with Trusted Types
01:54:19 Hidden OAuth attack vectors
02:03:05 The Future of C Code Review
02:15:03 Microsoft Exchange Server-Side Request Forgery [CVE-2021-26855]