Jailbreaks, Stealing Playstation Accounts, and Automatic Exploit Generation

This week we talk a bit about some Black Friday deals before jumping into another SD-WAN pwn, some jailbreaks, and research into automatic exploit generation.

[00:00:40] Black Friday is coming...VMWare - Usually ~35% off

Shodan - $5 lifetime, last year they ran the deal before and after Black Friday so pay attention.

Pluralsight - 40% off

INE - 40% off (access to all eLearnSecurity courses)

Cybrary.it - $600 off

PentesterLab - Last year was 13.37% off

NoStarchPress - Last year was 42% off

O'Reilly Online Learning - $199/year (normally $500/yr)

Pentester Academy - 70% off (covid "perma-deal")

[00:10:03] Oracle Security Alert - CVE-2020-14750https://twitter.com/chybeta/status/1323220987442208769

[00:13:34] FileZilla "Scale Factor" field is vulnerable of Buffer Overflow

[00:21:33] Playstation Access Token Stealinghttps://hackerone.com/reports/826394

[00:27:54] SD-PWN Part 2 - Citrix SD-WAN Center - Another Network Takeover

[00:37:19] Exploiting dynamic rendering engines to take control of web apps

[00:42:34] Privileged Container Escape - Control Groups release_agent

[00:47:23] Modern attacks on the Chrome browser

[00:58:57] Jailbreaks Never Die - Exploiting iOS 13.7

[01:08:27] Kernel Exploitation with a File System Fuzzer

[01:13:57] Greybox Automatic Exploit Generation for Heap Overflows in Language Interpreters

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)

Or the video archive on Youtube (@DAY[0])