Broadcasts.com - "MediaTek BootROM Broken, Free Coffee, and an iOS Kernel Exploit" (Day[0])

Technology
SEE MORE
- classical
- general
- talk
- News
- Family
- Bürgerfunk
- pop
- Islam
- soul
- jazz
- Comedy
- humor
- wissenschaft
- opera
- baroque
- gesellschaft
- theater
- Local
- alternative
- electro
- rock
- rap
- lifestyle
- Music
- como
- RNE
- ballads
- greek
- Buddhism
- deportes
- christian
- piano
- djs
- Dance
- dutch
- flamenco
- social
- hope
- christian rock
- academia
- afrique
- Business
- musique
- ελληνική-μουσική
- religion
- World radio
- Zarzuela
- travel
- World
- NFL
- media
- Art
- public
- Sports
- Gospel
- st.
- baptist
- Leisure
- Kids & Family
- musical
- club
- Culture
- Health & Fitness
- True Crime
- Fiction
- children
- Society & Culture
- TV & Film
- gold
- kunst
- música
- gay
- Natural
- a
- francais
- bach
- economics
- kultur
- evangelical
- tech
- Opinion
- Government
- gaming
- College
- technik
- History
- Jesus
- Health
- movies
- radio
- services
- Church
- podcast
- Education
- international
- Transportation
- Other
- kids
- podcasts
- philadelphia
- Noticias
- love
- sport
- Salud
- film
- and
- 4chan
- Disco
- Stories
- fashion
- Arts
- interviews
- hardstyle
- entertainment
- humour
- medieval
- literature
- alma
- Cultura
- video
- TV
- Science
- en

MediaTek BootROM Broken, Free Coffee, and an iOS Kernel Exploit

Published: Feb. 9, 2021, 11 p.m.

A lot of discussion this week about OSS security and security processes, an iOS kernel type confusion and MediaTek Bootloader bypass impacting everything since atleast 2014.

\n[00:04:54] Know, Prevent, Fix: A framework for shifting the discussion around vulnerabilities in open source
\n

https://security.googleblog.com/2021/02/know-prevent-fix-framework-for-shifting.html

\n[00:15:18] Launching OSV - Better vulnerability triage for open source
\n

https://security.googleblog.com/2021/02/launching-osv-better-vulnerability.html

\n[00:22:38] Most Common Bugs of 2021 So Far
\n

https://www.bugcrowd.com/blog/common-bugs-of-2021/

\n[00:31:59] Exploiting the Nespresso smart cards for fun and coffee
\n

https://pollevanhoof.be/nuggets/smart_cards/nespresso

\n[00:39:10] Spoofing and Attacking With Skype
\n

https://blog.thecybersecuritytutor.com/spoofing-and-attacking-with-skype/

\n[00:45:01] Getting root on webOS
\n

https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html

\n[00:51:31] Applying Offensive Reverse Engineering to Facebook Gameroom
\n

https://spaceraccoon.dev/applying-offensive-reverse-engineering-to-facebook-gameroom

\n[00:59:36] Major Vulnerabilities Discovered in Realtek RTL8195A Wi-Fi Module
\n

https://www.vdoo.com/blog/realtek-rtl8195a-vulnerabilities-discovered

\n[01:06:32] MTK Bypass Universal
\n

https://megafon929.github.io/mtk

\n[01:14:13] Project Zero: iOS Kernel privesc with turnstiles [CVE-2020-27932]
\n

https://googleprojectzero.blogspot.com/p/rca-cve-2020-27932.html

https://googleprojectzero.blogspot.com/p/rca.html

\n[01:21:41] Why Security Defects Go Unnoticed during Code Reviews?
\n

http://amiangshu.com/papers/paul-ICSE-2021.pdf

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)

Or the video archive on Youtube (@dayzerosec)