Podcast

Episode 25 - Project Verona, CurveBall, CableHaunt, and RCEs-a-plenty

Start off with some discussions about Google, privacy, Rust, and entitlement within open-source software. Then we look at some of the big vulns of the past week including CurveBall, CableHaunt, and an RDP RCE.

Link

Episode 36 - Zoom-ers, VM Escapes, and Pegasus Resurfaces

First, we talk about Facebook trying to buy some spyware, and then we feast upon a number of Zoom "vulns." Follow that up with some interesting vulnerabilities including a hypervisor guest-to-host escape, a complicated Safari permissions bypass, and a GitLab parser differential.

Link

Episode 34 - Pwn2Own Results, Voatz (again), some web-exploits and a code-reuse mitigation

More discussion about election hacking, with Voatz undergoing a more complete security assessment. We also discuss a few interesting web attacks and end with a good discussion about a new code-reuse mitigation: Hurdle.

Link

Episode 33 - How to Hack a CTF and more (LVI, TRRespass and some web-exploits)

Start off by looking at a few Google Cloud attacks and a couple of named vulns (LVI: Load Value Injection, and TRRespass), then move into some web-focused exploits including how to hack a CTF.

Link

Episode 32 - FuzzBench, MediaTek-su, Request Smuggling, and Memory Tagging

A new AMD side channel, an old Intel CSME attack, a couple of deserialization attacks, a few clever but not terribly useful attacks, and some discussion about memory tagging on this week's episode of DAY[0].

Link

Episode 31 - One-Two-Three Named Vulns (kr00k, Forgot2kEyXCHANGE, GhostCat) and more OpenSMTPD and Samsung Vulnerabilities

Join Specter and zi as they discuss several named vulns (kr00k, Forgot2kEyXCHANGE, GhostCat), the benefits of DNS-over-HTTPS, and a few vulns in some of our regular targets: Samsung drivers, NordVPN, OpenSMTPD.

Link

Episode 30 - A Dark White-Hat hacker? and various vulns ft. Cisco, Periscope, NordVPN and Tesla/EyeQ

Keeping up our streak, we talk about some vulnerabilities in Cisco, NordVPN and Tesla, and about SlickWraps being hacked by a very dark, white-hat.

Link

Episode #29 - A New PWK/OSCP, Election Hacking, Kernel Exploits, and Fuzzing

Is the new OSCP worth it? Can election apps be made secure? We'll talk about those questions, several kernel exploits, and a few cool fuzzing innovations.

Link

Episode #28 - Hack Twitter, WhatsApp and all your Cisco phones (CDPwn) ft. GhostKnight

Android, Bluetooth, Microsoft, NordVPN, Twitter, WhatsApp, Cisco: vulns for days impacting several big names, plus a couple of new attack ideas: blind regex injection and GhostKnight, a technique to breach data integrity using speculative execution.

Link

Episode #27 - Ok Google, sudo ./hacktheplanet

Ok Google! Bypass authentication... and while we're at it, let's exploit sudo and OpenSMTPD for root access. This week we dive into various code bases to explore several recent exploits that take advantage of some common yet subtle issues.

Link

Episode 26 - Return of the Zombieload, Bezos Hacked, and other exploits

This week we look at 15 CVEs, including the new MDS Attacks/Zombieload and GhostImage, a cool attack against vision-based classification systems. We also have a discussion about mobile vs desktop security.

Link

Episode 35 - A shortcut (.lnk) to RCE, Pi-Hole, Shadow Stacks, and fine-grained kASLR

Is there a shortcut to RCE? Well, on Windows, .LNK files could be just that. We also talk about a few other vulnerabilities impacting Windows, Pi-Hole and Netflix, and end by looking at Windows' new hardware-enforced Shadow Stack and a proof-of-concept for fine-grained kASLR on Linux.

Link

Episode 24 - SHA-mbles, Shitrix, Responsible Disclosure, and wtf is TikTok doing.

Start off with zi fumbling to describe SHA-mbles, but quickly get into our groove as we discuss #Shitrix, Responsible Disclosure, and other exploits.

Link

Episode 23 - First Edge bounty, Hacking Tesla, Cisco advisories, and Shadow Clones

First episode of the decade! First, CCC, then some Kali news and all the technical details we can find behind several issues impacting the new Edge browser, Teslas, Cisco DC Network Manager, and others. Ending off with a discussion about a Data-Oriented Programming attack mitigation: Shadow Clones.

Link

Episode 22 - PlunderVolt, Real-World Bug Hunting, Presidents Cup CTF, SockPuppet and more

Starting off the episode is a quick review of Real-World Bug Hunting before moving into this week's news and the Plundervolt vulnerability.

Link

Episode 21 - Permanent DoS, HackerOne Hacked, and Wide-OpenBSD

Permanent Android DoS vulnerability, snooping on VPN traffic, the value of anti-viruses, contactless payment vulnerabilities, and more in this episode of DAY[0].

Link

Episode 20 - CWE Top 25, Hacking Anti-Viruses and Adversarial Machine Learning Attacks

In this episode we discuss some recent news regarding encryption laws and the DHS updating the CWE Top 25 list. Then we move into a handful of exploits before ending with some discussions about defending and attacking machine learning systems.

Link

Episode 19 - What Does The NSA Say?

In this episode we discuss a recent NSA advisory regarding best practices for intercepting TLS traffic. We also take a look at a recent DOM Clobbering (XSS) finding, several VNC exploits, and end with a discussion on fuzzer performance and hardening against power-analysis side channels.

Link

Episode 16 - A Bit of everything: 0days, Breaches, Lawsuits, Attacking AI, and some insecure

Link

Episode 15 - NordVPN Again, Snowden, CPDoS, a PHP-RCE, and some console hacking

Link

Episode 14 - Linux Exploits, Secure Credentials, Side-Channels and Election(SDK) hacking

Link

Episode 13 - When your errors have errors...

Link

Episode 12 - Exploits-galore iOS (checkm8), Android, Signal, Whatsapp, PHP and more

Link