This week is a shorter episode, but still some solid bugs to look at. From a full chain Chrome exploit, to a Kindle chain from remote to root and a eBPF incorrect calculation leading to OOB read/write.
\n\n[00:00:41] Albicla launch clusterfuck
\n
\n[00:04:41] [NordVPN] RCE through Windows Custom Protocol on Windows client
\n
\n[00:09:00] Chaining Multiple bugs for Unauthenticated RCE in the SolarWinds Orion Platform
\n
\n[00:18:50] The Embedded YouTube Player Told Me What You Were Watching (and more)
\n
\n[00:24:27] The State of State Machines
\n
\n[00:34:21] KindleDrip - From Your Kindle\u2019s Email Address to Using Your Credit Card
\n
\n[00:44:00] New campaign targeting security researchers
\n
\n[00:44:42] An Incorrect Calculation Bug in the Linux Kernel eBPF Verifier
\n
\n[00:49:18] Chat Question: What do we think of HackTheBox
\n
\n[00:53:51] Bad Pods: Kubernetes Pod Privilege Escalation
\n
\n[00:53:24] [Linux Kernel Exploitation 0x2] Controlling RIP and Escalating privileges via Stack Overflow
\n
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
\nOr the video archive on Youtube (@dayzerosec)