Bhyves and Evil LEDs (+Roulette)
01:39:25 Share

A "trivial" Bhyve VM escape, a BitWarden "RCE", a ModSecurity "Denial of Service" and more scare quotes for your enjoyment in this week's episode.

• [00:00:33] Patient Dies After Ransomware Attack)

• [00:08:05] Zerologon [CVE-2020-1472])

• [00:14:29] BitWarden Blind HTTP GET SSRF)

• https://github.com/bitwarden/server/pull/812/commits/f094b76b6638932b13bb5ed2d9295185c54ce332)

• https://github.com/bitwarden/desktop/issues/552)

• [00:23:40] Apache + PHP under v7.4.10 open_basedir bypass)

• [00:29:59] ModSecurity v3 Affected By DoS (Severity HIGH) [CVE-2020-15598])

• [00:38:09] Bhyve VM Escape)

• https://bsdsec.net/articles/freebsd-announce-freebsd-security-advisory-freebsd-sa-20-29-bhyve_svm)

• [00:42:59] Webkit aboutBlankURL() code execution vulnerability)

• [00:48:28] CVE-2020-9964 - An iOS infoleak)

• [00:51:44] Online Casino Roulette - A guideline for pen testers)

• [00:56:40] Light Can Hack Your Face! Black-box Backdoor Attack on Face Recognition)

• [01:03:06] UniFuzz: Optimizing Distributed Fuzzing via Dynamic Centralized Task Scheduling)

• [01:12:07] FANS: Fuzzing Android Native System Services via Automated Interface Analysis)

• https://github.com/iromise/fans)

• [01:19:52] OneFuzz framework, an open source developer tool to find and fix bugs at scale)

• https://github.com/microsoft/onefuzz)

• [01:28:35] Finding Australian Prime Minister Tony Abbott's passport number)

• [01:34:08] ARM64 Reversing and Exploitation)

• [01:37:25] Hypervisor Exploitation Compiled Research List)

• https://github.com/bitwarden/server/pull/812/commits/f094b76b6638932b13bb5ed2d9295185c54ce332)

Watch the DAY[0] podcast live on Twitch (@dayzerosec)) every Monday afternoon at 12:00pm PST (3:00pm EST)

Or the video archive on Youtube (@DAY[0]))