Download - Cross-Browser Tracking, Frag Attacks, and Malicious Rust Macros | Podbean

Discover

Podcast Features
Your all-in-one podcasting solution.

Blog to Podcast
Turn your blog into an engaging podcast.
Livestream
High-performing audio live, without limits.

Podcast Studio
Easy-to-use audio recorder app.
Podbean AI
AI-Enhanced Audio Quality and Content Generation.

Podcast App
The best podcast player & podcast app.

Ads Marketplace
Join Ads Marketplace to earn money
through sponsorship on your podcast.

PodAds
Manage your ads with dynamic ad insertion capability.
Apple Podcasts Subscriptions Integration
Effortlessly publish and manage exclusive episodes for your
Apple Podcasts subscribers directly from Podbean.
Live Streaming
Receive livestream rewards from your audience and earn
recurring income from your Fan Club membership.

All Arts Business Comedy Education
Fiction Government Health & Fitness History Kids & Family
Leisure Music News Religion & Spirituality Science
Society & Culture Sports Technology True Crime TV & Film
Live

How to Start a Podcast
How to Start a Live Podcast
How to Monetize a podcast
How to Promote Your Podcast
How to Use Group Recording

Log in
Start your podcast for free

Podcasting
Monetization
Advertisers
Enterprise
Pricing
Discover

Log in

Sign up free

Technology

Cross-Browser Tracking, Frag Attacks, and Malicious Rust Macros

2021-05-18

Download Right click and do "save link as"

A shorter episode, but some really cool vulns none-the-less, from mitigation bypassing on D-Link routers, to a new set of WiFi protocol design flaws.

[00:01:14] Security Vulnerability Detection Using Deep Learning Natural Language Processing

https://arxiv.org/abs/2105.02388v1

https://samate.nist.gov/SARD/

[00:08:12] Stealing secrets with Rust Macros proof-of-concept via VSCode

https://github.com/lucky/bad_actor_poc

[00:13:21] [GitLab] RCE when removing metadata with ExifTool

https://hackerone.com/reports/1154542

https://github.com/exiftool/exiftool/blob/11.70/lib/Image/ExifTool/DjVu.pm#L233

[00:19:47] Terminal escape injection in AWS CloudShell

https://bugs.chromium.org/p/project-zero/issues/detail?id=2154

https://github.com/c9/core/blob/master/plugins/c9.ide.terminal/aceterm/libterm.js#L1276

[00:23:54] Cross-browser tracking vulnerability in Tor, Safari, Chrome and Firefox

https://fingerprintjs.com/blog/external-protocol-flooding/

[00:34:27] Fei Protocol Flashloan Vulnerability Postmortem

https://medium.com/immunefi/fei-protocol-flashloan-vulnerability-postmortem-7c5dc001affb

https://uniswap.org/docs/v2/smart-contract-integration/providing-liquidity/

[00:44:46] One-click reflected XSS on Instagram

https://ysamm.com/?p=695

[00:47:24] D-Link Vulnerability [CVE-2021-27342]

https://blog.whtaguy.com/2021/05/d-link-router-cve-2021-27342.html

[00:51:52] Experimental Security Assessment of Mercedes-Benz Cars

https://keenlab.tencent.com/en/2021/05/12/Tencent-Security-Keen-Lab-Experimental-Security-Assessment-on-Mercedes-Benz-Cars/

https://keenlab.tencent.com/en/whitepapers/Mercedes_Benz_Security_Research_Report_Final.pdf

[01:01:08] FragAttacks: Fragmentation & Aggregation Attacks

https://github.com/vanhoefm/fragattacks

https://www.youtube.com/watch?v=OJ9nFeuitIU

[01:10:57] Dell ‘dbutil_2_3.sys’ Kernel Exploit [CVE-2021-21551]

https://connormcgarr.github.io/cve-2020-21551-sploit/

[01:11:45] googleprojectzero/Hyntrospect

https://github.com/googleprojectzero/Hyntrospect

[01:13:01] IDA Free w/ Cloud Decompiler Dropped

https://www.hex-rays.com/ida-free/

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)

Or the video archive on Youtube (@dayzerosec)

view more

More Episodes

[binary] NimbusPwn, a CLFS Vulnerability, and DatAFLow (Fuzzing)

2022-05-05

[bounty] XSS for NFTs, a VMWare Workspace ONE UEM SSRF, and GitLab CI Container Escape

2022-05-03

[binary] Getting into Vulnerability Research and a FUSE use-after-free

2022-04-28

[bounty] A Struts RCE, Broken Java ECDSA (Psychic Signatures) and a Bad Log4Shell Fix

2022-04-26

[binary] Another iOS Bug and Edge Chakra Exploitation

2022-04-21

[bounty] Taking Over an Internal AWS Service and an Interesting XSS Vector

2022-04-19

[binary] A subtle iOS parsing bug and a PHP use-after-free

2022-04-14

[bounty] A Double-Edged SSRF, Pritunl VPN LPE, and a NodeBB Vuln

2022-04-12

[binary] FORCEDENTRY Sandbox Escape and NetFilter Bugs

2022-04-07

[bounty] Spring4Shell, PEAR Bugs, and GitLab Hardcoded Passwords

2022-04-05

[binary] Pwning WD NAS, NetGear Routers, and Overflowing Kernel Pages

2022-03-31

[bounty] GitLab Arbitrary File Read and Bypassing PHP's filter_var

2022-03-29

[binary] Chrome Heap OOB Access and TLStorm

2022-03-24

[bounty] DOMPDF XSS to RCE, Chrome Leaking Envrionment Vars, and cr8escape

2022-03-22

[binary] A Windows UAF, Branch Prediction Bugs, and an io_uring Exploit

2022-03-17

[bounty] Pascom RCE, AutoWarp, and a GKE Container Escape

2022-03-15

[binary] Dirty Pipe and Analyzing Memory Tagging

2022-03-10

[bounty] Facebook Exploits, pfSense RCE, and MySQLjs SQLi

2022-03-08

[binary] ImageGear JPEG Vulns, NetFilter, and a LibCurl Memory Disclosure

2022-03-03

[bounty] DynamicWeb RCE, VMWare Bugs, and Exploiting GitHub Actions

2022-03-01

←
2
3
4
5
6
7
8
9
10
11
→

012345678910111213141516171819

Get this podcast on your
phone, FREE

Download Podbean app on App Store

Download Podbean app on Google Play

Create your
podcast in
minutes

Full-featured podcast site
Unlimited storage and bandwidth
Comprehensive podcast stats
Distribute to Apple Podcasts, Spotify, and more
Make money with your podcast

Get started

It is Free

Podcast Services
MONETIZATION & MORE
KNOWLEDGE BASE
Support
Podbean

Privacy Policy
Cookie Policy
Terms of Use
Consent Preferences
Copyright © 2015-2024 Podbean.com