Episode 12

Exploits-galore iOS (checkm8), Android, Signal, Whatsapp, PHP and more

Watch the podcast live every Monday afternoon at 12:00pm PST (3:00pm EST) on Twitch (@Dayzerosec)

[00:00:40] What happened while we were gone. ft. Defcon and Blackhat discussion

[00:20:10] Checkm8 - iPhone bootROM exploit

[00:28:52] iPhone A11 debug registers allow full-featured kernel debugging

[00:32:52] Android: Use-After-Free in Binder driver

[00:39:36] PHP 7.0-7.3 disable_functions bypass

[00:51:49] An Empirical Study of C++ Vulnerabilities in Crowd-Sourced Code Examples

[01:03:18] Signal RTP is processed before call is answered

[01:08:47] Whatsapp RCE

[01:14:58] Attacking CNN-based anti-spoofing face authentication in the physical domain

[01:22:52] The Kernel Concurrency Sanitizer (KCSAN)

[01:30:36] Eradicating Attacks on the Internal Network with Internal Network Policy

[01:39:22] Analyzing Control Flow Integrity with LLVM-CFI