This week we talk a bit about newly released Black Hat 2020 and NDSS 2021 presentation videos, before jumping into several pre-auth RCEs, and some interesting exploitation research to bring a PAC enforced Shadow Stack to ARM and an examination of JSON parser interoperability issues.
[00:00:41] Microsoft open sources CodeQL queries used to hunt for Solorigate activity
[00:04:16] Black Hat USA 2020
[00:13:56] Cookie poisoning leads to DOS and Privacy Violation
[00:16:37] Unauthorized RCE in VMware vCenter
[00:20:01] A Fifteen-Year-Old RCE Bug Returns in ISC BIND Server [CVE-2020-8625]
[00:25:42] Arbitrary File Write on packagecontrol.io (Sublime Text)
[00:30:31] [Uber] PreAuth RCE on Palo Alto GlobalProtect
[00:35:26] The little bug that couldn't: Securing OpenSSL
[00:41:49] PACStack: an Authenticated Call Stack
[00:56:29] An Exploration of JSON Interoperability Vulnerabilities
[01:03:59] Top 10 web hacking techniques of 2020
[01:05:50] OST 2.0 Beta Spots Open
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@dayzerosec)
