Episode 24 - SHA-mbles, Shitrix, Responsible Disclosure, and wtf is TikTok doing.
Watch live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
- [00:00:35] SHA-1 is a Shambles
- [00:14:50] Government-funded phones come pre-installed with unremovable malware
- [00:22:09] Security Vulnerabilities fixed in Firefox 72.0.1 and Firefox ESR 68.4.1 — Mozilla
- [00:27:02] CVE-2019-19781 - Vulnerability in Citrix Application Delivery Controller and Citrix Gateway
- [00:38:20] Project Zero: Policy and Disclosure: 2020 Edition
- [00:52:07] Privileged Access Never (PAN) - Another day, another broken mitigation.
- [00:57:43] Tik or Tok? Is TikTok secure enough?
- [01:18:33] Fortinet FortiSIEM Hardcoded SSH Key
- [01:22:58] Project Zero: Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641
- [01:32:00] WAF-A-MoLE: Evading Web Application Firewalls through Adversarial Machine Learning
- [01:36:00] QSOR: Quantum-Safe Onion Routing
- [01:45:09] Browser Games Aren't an Easy Target
- [01:46:31] Reverse engineering RNG in a GBA game