Big episode this week, with a lot of discussion about CTFs, kernel drama, and GitHub's exploit policy. Then some really interesting exploit strategies on Tesla and Netgear, along with some simple yet deadly issues in WordPress and Composer.

[00:00:32] An Update on the UMN Affair

https://lwn.net/SubscriberLink/854645/334317047842b6c3/

https://www-users.cs.umn.edu/%7Ekjlu/papers/full-disclosure.pdf

[00:11:29] [GitHub] Exploits and Malware Policy Updates

https://github.com/github/site-policy/pull/397

https://github.com/github/site-policy/pull/397/commits/f220679709b60dd4d6b34465a56b89bb79efcfe6#diff-24d72c4cb9785e60d5cbf50905291a5e079f4efd8c03f67904077cc2af4b8412L34

[00:18:22] OOO - DEF CON CTF

https://oooverflow.io/

https://twitter.com/oooverflow/status/1388920554111987715

[00:34:23] BadAlloc - Memory Allocation Vulnerabilities

https://msrc-blog.microsoft.com/2021/04/29/badalloc-memory-allocation-vulnerabilities-could-affect-wide-range-of-iot-and-ot-devices-in-industrial-medical-and-enterprise-networks/

https://us-cert.cisa.gov/ics/advisories/icsa-21-119-04

[00:40:15] I See Dead μops: Leaking Secrets via Intel/AMD Micro-Op Caches

http://www.cs.virginia.edu/venkat/papers/isca2021a.pdf

https://comparch.org/2021/05/01/i-see-dead-uops-thoughts-on-the-latest-spectre-paper-targeting-uop-caches/

[00:54:43] Brave - Stealing your cookies remotely

https://infosecwriteups.com/brave-stealing-your-cookies-remotely-1e09d1184675

[00:57:37] Facebook account takeover due to unsafe redirects after the OAuth flow

https://ysamm.com/?p=667

[01:03:11] WordPress 5.7 XXE Vulnerability

https://blog.sonarsource.com/wordpress-xxe-security-vulnerability/

[01:05:43] PHP Supply Chain Attack on Composer

https://blog.sonarsource.com/php-supply-chain-attack-on-composer

[01:10:25] Multiple Issues in Libre Wireless LS9 Modules

https://www.iot-inspector.com/blog/advisory-multiple-issues-libre-wireless-ls9/

[01:14:50] macOS Gatekeeper Bypass

https://objective-see.com/blog/blog_0x64.html

https://cedowens.medium.com/macos-gatekeeper-bypass-2021-edition-5256a2955508

[01:19:28] Linux Kernel /proc/pid/syscall information disclosure vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1211

[01:24:08] Remote Zero-Click Exploit in Tesla Automobiles

https://kunnamon.io/tbone/

[01:31:00] NETGEAR Nighthawk R7000 httpd PreAuth RCE

https://ssd-disclosure.com/ssd-advisory-netgear-nighthawk-r7000-httpd-preauth-rce/

[01:34:43] Parallels Desktop RDPMC Hypercall Interface and Vulnerabilities

https://www.zerodayinitiative.com/blog/2021/4/26/parallels-desktop-rdpmc-hypercall-interface-and-vulnerabilities

[01:39:24] Exploiting Undocumented Hardware Blocks in the LPC55S69

https://oxide.computer/blog/lpc55/

[01:40:05] python stdlib "ipaddress" - Improper Input Validation [CVE-2021-29921]

https://sick.codes/sick-2021-014/

[01:40:35] Ham Hacks: Breaking Into Software-defined Radio

https://labs.bishopfox.com/industry-blog/ham-hacks-breaking-into-software-defined-radio

[01:41:59] gand3lf/heappy: A happy heap editor to support your exploitation process

https://github.com/Gand3lf/heappy

[01:43:38] LiveQL Episode II: The Rhino in the room

https://securitylab.github.co

The podcast and its accompanying cover art on this page belong to dayzerosec. The podcast's content is created by dayzerosec and not by, or in collaboration with, Poddtoppen.