Hacking Voatz and Rooting Ubuntu
01:33:14 Share

Some interesting tips and tricks as we look at multiple privileges escalations from XNU to Ubuntu, Bitdefender, and Dropbox (HelloSign).

• [00:01:31] Apple allegedly not crediting researchers)

• [00:10:26] Response to Voatz's Supreme Court Amicus Brief)

• [00:23:45] Standing up for developers: youtube-dl is back)

• [00:30:05] HelloSign SSRF leads to AWS private key disclosure)

• [00:38:02] Silver Peak Unity Orchestrator RCE)

• [00:42:51] Get root by pretending nobody's /home)

• [00:48:20] Project Zero: Oops, I missed it again!)

• [00:55:12] Bitdefender: UPX Unpacking Featuring Ten Memory Corruptions)

• [01:01:07] Sleep Attack: Intel Bootguard vulnerability waking from S3)

• [01:05:56] SAD DNS Explained)

• [01:12:02] Cache-in-the-Middle (CITM) Attacks: Manipulating Sensitive Data in Isolated Execution Envrionments)

• [01:23:33] A Systematic Study of Elastic Objects in Kernel Exploitation )

Watch the DAY[0] podcast live on Twitch (@dayzerosec)) every Monday afternoon at 12:00pm PST (3:00pm EST)

Or the video archive on Youtube (@DAY[0]))