Broadcasts.com - "Zoom-ers, VM Escapes, and Pegasus Resurfaces" (Day[0])

Technology
SEE MORE
- classical
- general
- talk
- News
- Family
- Bürgerfunk
- pop
- Islam
- soul
- jazz
- Comedy
- humor
- wissenschaft
- opera
- baroque
- gesellschaft
- theater
- Local
- alternative
- electro
- rock
- rap
- lifestyle
- Music
- como
- RNE
- ballads
- greek
- Buddhism
- deportes
- christian
- piano
- djs
- Dance
- dutch
- flamenco
- social
- hope
- christian rock
- academia
- afrique
- Business
- musique
- ελληνική-μουσική
- religion
- World radio
- Zarzuela
- travel
- World
- NFL
- media
- Art
- public
- Sports
- Gospel
- st.
- baptist
- Leisure
- Kids & Family
- musical
- club
- Culture
- Health & Fitness
- True Crime
- Fiction
- children
- Society & Culture
- TV & Film
- gold
- kunst
- música
- gay
- Natural
- a
- francais
- bach
- economics
- kultur
- evangelical
- tech
- Opinion
- Government
- gaming
- College
- technik
- History
- Jesus
- Health
- movies
- radio
- services
- Church
- podcast
- Education
- international
- Transportation
- Other
- kids
- podcasts
- philadelphia
- Noticias
- love
- sport
- Salud
- film
- and
- 4chan
- Disco
- Stories
- fashion
- Arts
- interviews
- hardstyle
- entertainment
- humour
- medieval
- literature
- alma
- Cultura
- video
- TV
- Science
- en

Zoom-ers, VM Escapes, and Pegasus Resurfaces

Published: April 7, 2020, 10 p.m.

First, we talk about Facebook trying to buy some spyware, and then we feast upon a number of Zoom "vulns." Follow that up with some interesting vulnerabilities including a hyper-visor Guest-to-host escape, a complicated Safari permissions bypass, and a Gitlab Parser Differential.

[00:09:31] Facebook tried to buy NSO Group's iOS spyware to monitor iPhone users
\n\t
[00:14:49] Move Fast & Roll Your Own Crypto: A Quick Look at the Confidentiality of Zoom Meetings
\n\t
[00:28:28] Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1
\n\t
[00:33:20] Bug bounty platforms buy researcher silence, violate labor laws, critics say
\n\t
[00:53:56] Zoom NTLM Hash Leak
\n\t
[00:59:44] The 'S' in Zoom, Stands for Security
\n\t
[01:05:52] Use-After-Free Vulnerability in the VMware Workstation DHCP Component [CVE-2020-3947]
\n\t
- https://www.vmware.com/security/advisories/VMSA-2020-0004.html
- https://www.zerodayinitiative.com/advisories/ZDI-20-298/
[01:15:38] Exploiting SMBGhost for a Local Privilege Escalation [CVE-2020-0796]
\n\t
[01:26:31] How to exploit parser differentials
\n\t
[01:37:07] Unauthorized Camera access on iOS and macOS
\n\t
[01:49:07] [Slack] Relative Path Vulnerability Results in Arbitrary Command Execution/Privilege Escalation
\n\t
[01:54:21] Physically Realizable Adversarial Examples for LiDAR Object Detection
\n\t
[02:01:39] Attack matrix for Kubernetes
\n\t
[02:03:34] Project Zero: TFW you-get-really-excited-you-patch-diffed-a-0day-used-in-the-wild-but-then-find-out-it-is-the-wrong-vuln
\n\t
[02:04:13] Tale of two hypervisor bugs - Escaping from FreeBSD bhyve
\n\t
[02:08:21] So you want to be a web security researcher?
\n\t

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)

Or the video archive on Youtube (@DAY[0])