Relyze Decompiler, jQuery XSS, Sandbox Escaping and 0-Click Mail RCE

Since we forgot to cover it when it came out, we look at Relyze's new decompiler that is available on the free version. There is also some sandbox escaping, some crypto issues (AMD's SME/SEV) and even some IBM 0days.

[00:00:33] Relyze Decompiler

[00:22:06] Firefox's Bug Bounty in 2019 and into the Future

[00:30:29] Source code for both CS:GO and TF2 Leaked

[00:38:58] Fixing SQL injection vulnerability and malicious code execution in XG Firewall/SFOS

[00:44:34] MSI TrueColor Unquoted Service Path Vulnerability

[00:48:43] 1-click RCE on Keybase

[00:55:56] jQuery < 3.5 Cross-Site Scripting (XSS) in html()

• https://xss.pwnfunction.com/challenges/ww3/

[01:01:37] Multiple 0 day vulnerabilities in IBM Data Risk Manager

[01:17:24] You Won't Believe what this One Line Change Did to the Chrome Sandbox

• https://docs.microsoft.com/en-us/archive/blogs/david_leblanc/practical-windows-sandboxing-part-1

[01:23:58] You’ve Got (0-click) Mail!

[01:31:29] Sharing a Logon Session a Little Too Much

[01:37:00] SEVurity: No Security Without Integrity - Breaking Integrity-Free Memory Encryption with Minimal Assumptions

• https://0x0539.net/play/fangorn/crypto_cookie

[01:47:10] MarkUs: Drop-in Use-After-Free Prevention for Low-Level Languages

[01:54:37] Android 8.0-9.0 Bluetooth Zero-Click RCE [CVE-2020-0022]

[01:57:26] Patchguard: Detection of Hypervisor Based Introspection

• https://revers.engineering/patchguard-detection-of-hypervisor-based-instrospection-p2/

[01:59:37] HITB Lockdown Livestream Day 1

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)

Or the video archive on Youtube (@DAY[0])