A Dark White-Hat hacker? and various vulns ft. Cisco, Periscope, NordVPN and Tesla/EyeQ
02:00:52 Share

Keeping up our streak, we talk about some vulnerabilities in Cisco, NordVPN and Tesla, and about SlickWraps being hacked by a very dark, white-hat.

• [00:02:32] Humble Book Bundle: Cybersecurity 2020 by Wiley)

• [00:11:31] Google Summer of Code 2020)

• https://radare.org/gsoc/2020/)

• [00:23:01] Critical Issue In ThemeGrill Demo Importer)

• [00:28:48] Cisco Security Advisory: Cisco Smart Software Manager On-Prem Static Default Credential Vulnerability)

• [00:32:19] nordvpn Linux Desktop executable application does not use pie / no ASLR)

• [00:40:57] Race condition (TOCTOU) in NordVPN can result in local privilege escalation)

• [00:49:17] Periscope android app deeplink leads to CSRF in follow action)

• [00:54:01] I hacked SlickWraps. This is how. - Lynx0x00 - Medium)

• https://files.catbox.moe/fxn9r2.pdf)

• [01:10:23] Model Hacking ADAS to Pave Safer Roads for Autonomous Vehicles )

• [01:18:31] Edge CVE-2020-0767 RCE POC)

• [01:22:02] GadgetProbe: Exploiting Deserialization to Brute-Force the Remote Classpath)

• [01:28:37] CopyCat: Controlled Instruction-Level Attacks on Enclaves for Maximal Key Extraction)

• [01:37:31] MEUZZ: Smart Seed Scheduling for Hybrid Fuzzing)

• [01:49:36] pwn.college BETA)

• [01:53:17] Microcontroller Readback Protection: Bypasses and Defenses)

• [01:54:00] Libxml2 Tutorial | AFLplusplus)

• [01:56:06] Booting iOS on QEMU Research Slides)

• https://github.com/alephsecurity/confs/blob/master/OFFENSIVE20/offensive-20-ios-qemu.pdf)

• https://github.com/alephsecurity/xnu-qemu-arm64)

Watch the DAY[0] podcast live on Twitch (@dayzerosec)) every Monday afternoon at 12:00pm PST (3:00pm EST)

Or the video archive on Youtube (@DAY[0]))