Episode 31 - One-Two-Three Named Vulns (kr00k, Forgot2kEyXCHANGE, GhostCat) and more OpenSMTPD and Samsung Vulnerabilities
Join Specter and zi as they discuss several named vulns (kr00k, Forgot2kEyXCHANGE, GhostCat), the benefits of DNS-over-HTTPS, and a few vulns in some of our regular targets: Samsung drivers, NordVPN, OpenSMTPD.
- [00:01:23] Facial-Recognition Company That Works With Law Enforcement Says Entire Client List Was Stolen
- [00:06:23] Firefox continues push to bring DNS over HTTPS by default for US users
- [00:19:17] Securing Memory at EPYC Scale
- [00:26:40] How a Hacker's Mom Broke Into a Prison—and the Warden's Computer
- [00:29:22] kr00k | ESET
- [00:33:24] CVE-2020-0688: Remote Code Execution on Microsoft Exchange Server Through Fixed Cryptographic Keys
- [00:37:51] CVE-2020-1938: Ghostcat vulnerability
- [00:46:26] LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)
- [00:55:53] Blind SSRF on debug.nordvpn.com due to misconfigured sentry instance
- [01:00:40] x-request-id header reflected in server response without sanitization
- [01:06:04] Malformed .BMP file in Counter-Strike 1.6 may cause shellcode injection
- [01:13:06] Samsung Kernel /dev/hdcp2 hdcp_session_close() Race Condition
- [01:15:09] Samsung Kernel Arbitrary /dev/vipx / /dev/vertex kfree
- [01:18:44] Samsung Kernel /dev/vipx Pointer Leak
- [01:22:31] HFL: Hybrid Fuzzing on the Linux Kernel – NDSS Symposium
- [01:30:42] Et Tu Alexa? When Commodity WiFi Devices Turn into Adversarial Motion Sensors
- [01:38:37] Evasion techniques
- [01:39:41] Hacking Unicode Like a Boss
- [01:43:15] Pwning VMware, Part 2: ZDI-19-421, a UHCI bug | nafod
- [01:44:58] Intro to chrome's v8 from an exploit development angle
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)