This week we talk a bit about some Black Friday deals before jumping into another SD-WAN pwn, some jailbreaks, and research into automatic exploit generation.
- [00:00:40] Black Friday is coming...
- VMWare - Usually ~35% off
- Shodan - $5 lifetime, last year they ran the deal before and after Black Friday so pay attention.
- Pluralsight - 40% off
- INE - 40% off (access to all eLearnSecurity courses)
- Cybrary.it - $600 off
- PentesterLab - Last year was 13.37% off
- NoStarchPress - Last year was 42% off
- O'Reilly Online Learning - $199/year (normally $500/yr)
- Pentester Academy - 70% off (covid "perma-deal")
- [00:10:03] Oracle Security Alert - CVE-2020-14750
- https://twitter.com/chybeta/status/1323220987442208769
- [00:13:34] FileZilla "Scale Factor" field is vulnerable of Buffer Overflow
- [00:21:33] Playstation Access Token Stealing
- https://hackerone.com/reports/826394
- [00:27:54] SD-PWN Part 2 - Citrix SD-WAN Center - Another Network Takeover
- [00:37:19] Exploiting dynamic rendering engines to take control of web apps
- [00:42:34] Privileged Container Escape - Control Groups release_agent
- [00:47:23] Modern attacks on the Chrome browser
- [00:58:57] Jailbreaks Never Die - Exploiting iOS 13.7
- [01:08:27] Kernel Exploitation with a File System Fuzzer
- [01:13:57] Greybox Automatic Exploit Generation for Heap Overflows in Language Interpreters
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])