Podcast Episodes (Page 17)

Log4Shell RCE spawns a lot of discussion this episode, but we also look at a W10 RCE, Google SSRF and some CSS injection in uBlock.

A few easy issues this week, but some discussion about fuzzing campaigns and measurements and bypassing modern mitigations.

Some readily understood vulnerabilities, but with some interesting impacts, from escalating self-XSS to cross-account CSRF, data exfiltration with CSS, web-cache poisoning and MFA bypassing.

Starting off this week with the new humble bundle and some discussion about hacking books. Then onto the vulns, some OOB access, uninitalized memory, and iOS exploit strategy.

Short but sweet episode this week, prototype pollution, crypto issues, SSRF and some weird authentication.

Some mroe kernel bugs this week as we look at bugs in Samsung's NPU driver (Android), Linux, and the WIndows Kernel.

What happens when a vendor refused to fix your bug? Well you can go claim a bunch of bounties with it. We also talk about some novel request smuggling research on this episode.

North Korea is at it again targeting researchers, 0day hoarding, breaching secure hardware, and fuzzing on this weeks episode.

We are joined by Bastian Gruber to start the episode with a discussion about Rust. Then we'll dive into a few interesting vulnerabilities this week including yet another ECDSA implementation issue and some header smuggling research.

Some interesting vulnerability envrionments this week, some Trusted App issues, a couple Linux Kernel vulns, and a look at memory safety issues in unsafe Rust.