Posts tagged 'Mixed Podcast'

In our summer recap, we discuss Phrack's latest issue and talks from the new Off-by-One conference. We also cover some interesting bugs, such as a factorio lua RCE and another RCE via iconv.

In this week's episode, we discuss Microsoft's summit with vendors on their intention to lock down the Windows kernel from endpoint security drivers and possibly anti-cheats. We also talk cryptography and about the problems of nonce reuse.

We are back and testing out a new episode format focusing more on discussion than summaries. We start talking a bit about the value of learning hacking by iterating on the same exploit and challenging yourself as a means of practicing the creative parts of exploitation. Then we dive into the recent Intel SGX fuse key leak, talk a bit about what it means, how it happened. We are seeking feedback on this format. Particularly interested in those of you with more of a bug bounty or higher-level focus if an episode like this would still be appealing? If you want to share any feedback feel free to DM us (@__zi or @specterdev) or email us at media [at] dayzerosec.com

Change is in the air for the DAY[0] podcast! In this episode, we go into some behind the scenes info on the history of the podcast, how it's evolved, and what our plans are for the future.

Another short episode this week covering graphql attacks, a couple NoSQL injections, a few misconfigurations and a cool attack to reset monotonic counters on a Mifare card.

A shorter episode, but some really cool vulns none-the-less, from mitigation bypassing on D-Link routers, to a new set of WiFi protocol design flaws.

Kicking off the week with some awesome vulns, an "almost" padding oracle in Azure Functions, a race-condition in AWS Cognito, some sound engine bugs, and a Foxit Reader Use-after-free.

Big episode this week, with a lot of discussion about CTFs, kernel drama, and Github's exploit policy. Then some really interesting exploit strategies on Tesla and Netgear, along with some simple, yet deadly issues in Wordpress and Composer.

Some drama in the Linux Kernel and so many vulns resulting in code execution in Homebrew, GitLab, an air fryer, Source engine, Super Mario Maker, Adobe Reader and the Linux Kernel.

Authentication bypasses, a Duo 2FA bypass, RCEs, a VM escape, and some reverse engineering writeups.