Podcasts Technology Day[0] Pwn2own, Linux Kernel Exploits, and Malicious Mail

Pwn2own, Linux Kernel Exploits, and Malicious Mail

Published: April 13, 2021, 10 p.m.

MD5 is trending in 2021...a few kernel vulnerabilities, and some drama around pwn2own.

\n

\n[00:00:26] Update on git.php.net incident
\n

    \n\t
  • https://externals.io/message/113981

    • \n
\n

\n

\n[00:06:38] Pwn2Own 2021 - Results
\n

    \n\t
  • https://www.zerodayinitiative.com/blog/2021/4/2/pwn2own-2021-schedule-and-live-results

    • \n
\n

\n

\n[00:18:53] CSGO exploit allows hackers to steal passwords, and Valve hasn't fixed it
\n

    \n\t
  • https://www.dexerto.com/csgo/csgo-exploit-allows-hackers-steal-passwords-valve-no-fix-1551056/?amp

    • \n
\n

\n

\n[00:26:20] I Built a TV That Plays All of Your Private YouTube Videos
\n

    \n\t
  • https://bugs.xdavidhu.me/google/2021/04/05/i-built-a-tv-that-plays-all-of-your-private-youtube-videos/

    • \n
\n

\n

\n[00:33:27] Leak of all accounts mail login md5 pass
\n

    \n\t
  • https://hackerone.com/reports/514488

    • \n
\n

\n

\n[00:37:11] What if you could deposit money into your Betting account for free?
\n

    \n\t
  • https://mikey96.medium.com/what-if-you-could-deposit-money-into-your-betting-account-for-free-24f6690aff46

    • \n
\n

\n

\n[00:41:41] Zero click vulnerability in Apple\u2019s macOS Mail
\n

    \n\t
  • https://mikko-kenttala.medium.com/zero-click-vulnerability-in-apples-macos-mail-59e0c14b106c

    • \n
\n

\n

\n[00:44:54] Stored XSS on the DuckDuckGo search results page
\n

    \n\t
  • https://monke.ie/duckduckgoxss/

    • \n
\n

\n

\n[00:49:13] Breaking GitHub Private Pages for $35k
\n

    \n\t
  • https://robertchen.cc/blog/2021/04/03/github-pages-xss

    • \n
\n

\n

\n[00:57:03] Royal Flush: Privilege Escalation Vulnerability in Azure Functions
\n

    \n\t
  • https://www.intezer.com/blog/cloud-security/royal-flush-privilege-escalation-vulnerability-in-azure-functions/

    • \n
\n

\n

\n[01:01:38] QNAP Pre-Auth CGI_Find_Parameter RCE
\n

    \n\t
  • https://ssd-disclosure.com/ssd-advisory-qnap-pre-auth-cgi_find_parameter-rce/

    • \n
\n

\n

\n[01:04:14] Domain Time II Upgrade Attack
\n

    \n\t
  • https://blog.grimm-co.com/2021/04/time-for-upgrade.html

    • \n
\n

\n

\n[01:07:12] Four Bytes of Power: exploiting CVE-2021-26708 in the Linux kernel
\n

    \n\t
  • https://a13xp0p0v.github.io/2021/02/09/CVE-2021-26708.html

    • \n
\n

\n

\n[01:15:57] BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution
\n

    \n\t
  • https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html

  • https://a13xp0p0v.github.io/2020/02/15/CVE-2019-18683.html

    • \n
\n

\n

\n[01:28:05] BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution
\n

    \n\t
  • https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html

    • \n
\n

\n

\n[01:29:07] Exploiting Windows RPC to bypass CFG mitigation
\n

    \n\t
  • https://iamelli0t.github.io/2021/04/10/RPC-Bypass-CFG.html

  • https://medium.com/@mxatone/mitigation-bounty-from-read-write-anywhere-to-controllable-calls-ca1b9c7c0130#.9l7ejbkij

    • \n
\n

\n

\n[01:34:00] security things in Linux v5.9
\n

    \n\t
  • https://outflux.net/blog/archives/2021/04/05/security-things-in-linux-v5-9/

  • https://github.com/gcc-mirror/gcc/commit/d10f3e900b0377b4760a090b0f90371bcef01686

  • https://twitter.com/kees_cook/status/1380271827281276928

    • \n
\n

\n

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)

\n

Or the video archive on Youtube (@dayzerosec)