Episode 63 - MediaTek BootROM Broken, Free Coffee, and an iOS Kernel Exploit
A lot of discussion this week about OSS security and security processes, an iOS kernel type confusion and MediaTek Bootloader bypass impacting everything since atleast 2014.
- [00:04:54] Know, Prevent, Fix: A framework for shifting the discussion around vulnerabilities in open source
- [00:15:18] Launching OSV - Better vulnerability triage for open source
- [00:22:38] Most Common Bugs of 2021 So Far
- [00:31:59] Exploiting the Nespresso smart cards for fun and coffee
- [00:39:10] Spoofing and Attacking With Skype
- [00:45:01] Getting root on webOS
- [00:51:31] Applying Offensive Reverse Engineering to Facebook Gameroom
- [00:59:36] Major Vulnerabilities Discovered in Realtek RTL8195A Wi-Fi Module
- [01:06:32] MTK Bypass Universal
- [01:14:13] Project Zero: iOS Kernel privesc with turnstiles [CVE-2020-27932]
- [01:21:41] Why Security Defects Go Unnoticed during Code Reviews?
Watch the DAY podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)