Hacking Voatz and Rooting Ubuntu
Some interesting tips and tricks as we look at multiple privileges escalations from XNU to Ubuntu, Bitdefender, and Dropbox (HelloSign). [00:01:31] Apple allegedly not crediting researchers [00:10:26] Response to Voatz's Supreme Court Amicus Brief [00:23:45] Standing up for developers: youtube-dl is back [00:30:05] HelloSign SSRF leads to AWS private key disclosure [00:38:02] Silver Peak Unity Orchestrator RCE [00:42:51] Get root by pretending nobody's /home [00:48:20] Project Zero: Oops, I missed it again! [00:55:12] Bitdefender: UPX Unpacking Featuring Ten Memory Corruptions [01:01:07] Sleep Attack: Intel Bootguard vulnerability waking from S3 [01:05:56] SAD DNS Explained [01:12:02] Cache-in-the-Middle (CITM) Attacks: Manipulating Sensitive Data in Isolated Execution Envrionments [01:23:33] A Systematic Study of Elastic Objects in Kernel Exploitation Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@DAY[0])