Good podcast? Give it some love!
dayzerosec
Day[0]Episodes
Episodes of Day[0]
Mark All
Search Episodes...
Change is in the air for the DAY[0] podcast! In this episode, we go into some behind the scenes info on the history of the podcast, how it's evolved, and what our plans are for the future.Links and vulnerability summaries for this episode are
Bit of a lighter episode this week with a Linux Kernel ASLR bypass and a clever exploit to RCE FortiGate SSL VPN.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/252.html[00:00:00] Introduc
In this week's bounty episode, an attack takes an XSS to RCE on Mailspring, a simple MFA bypass is covered, and a .NET CRLF injection is detailed in its FTP functionality.Links and vulnerability summaries for this episode are available at: ht
In the 250th episode, we have a follow-up discussion to our "Future of Exploit Development" video from 2020. Memory safety and the impacts of modern mitigations on memory corruption are the main focus.
In this episode we have an libXPC root privilege escalation, a run-as debuggability check bypass in Android, and digital lockpicking on smart locks.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/po
In this week's binary episode, Binary Ninja Free releases along with Binja 4.0, automated infoleak exploit generation for the Linux kernel is explored, and Nintendo sues Yuzu.Links and vulnerability summaries for this episode are available at
A shorter episode this week, featuring some vulnerabilities impacting Google's AI and a SAML auth bypass.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/247.html[00:00:00] Introduction[00
VirtualBox has a very buggy driver, PostgreSQL has an Out of Bounds Access, and lifetime issues are demonstrated in Rust in "safe" code.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/246.ht
This week's episode features a cache deception issue, Joomla inherits a PHP bug, and a DOM clobbering exploit. Also covered is a race condition in Chrome's extension API published by project zero.Links and vulnerability summaries for this epi
Linux becomes a CNA and takes a stance on managing CVEs for themselves, and underutilized fuzzing strategies are discussed.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/244.html[00:00:00
In this bounty episode, some straightforward bugs were disclosed in GhostCMS and ClamAV, and Portswigger publishes their top 10 list of web hacking techniques from 2023.Links and vulnerability summaries for this episode are available at: http
Google makes some changes to their kCTF competition, and a few kernel bugs shake out of the LogMeIn and wlan VFS drivers.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/242.html[00:00:00]
DEF CON moves venues, the Canadian government moves to ban Flipper Zero, and some XSS issues affect Microsoft Whiteboard and Meta's Excalidraw.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast
Libfuzzer goes into maintenance-only mode and syslog vulnerabilities plague some vendors in this week's episode.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/240.html[00:00:00] Introduct
This week we have a crazy crypto fail where some Android devices had updates signed by publicly available private keys, as well as some Docker container escapes.Links and vulnerability summaries for this episode are available at: https://dayz
This week's binary episode features a range of topics from discussion on Pwn2Own's first automotive competition to an insane bug that broke ASLR on various Linux systems. At the lower level, we also have some bugs in UEFI, including one that ca
A packed episode this week as we cover recent vulnerabilities from the last two weeks, including some IDORs, auth bypasses, and a HackerOne bug. Some fun attacks such as a resurface of IDN Homograph Attacks and timing attacks also appear.Link
A bit of a game special this week, with a Counter-Strike: Global Offensive vulnerability and an exploit for Factorio. We also have a Linux kernel bug and a Chromecast secure-boot bypass with some hardware hacking mixed in.Links and vulnerabil
A short bounty episode featuring some logical bugs in Apache OFBiz, a GitLab Account Takeover, and an unauthenticated RCE in Adobe Coldfusion.Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/
This week's highly technical episode has discussion around the exploitation of a libwebp vulnerability we covered previously, memory tagging (MTE) implementation with common allocators, and an insane iPhone exploit chain that targeted researche
Kicking off 2024 with a longer episode as we talk about some auditing desktop applications (in the context of some bad reports to Edge). Then we've got a couple fun issues with a client-side path traversal, and a information disclosure due to a
A bit of a rambling episode to finish off 2023, we talk about some Linux kernel exploitation research (RetSpill) then get into several vulnerabilities. A type confusion in QNAP QTS5, a JavaScriptCore bug in Safari, and several issues in Steam's
A mix of issues this week, not traditionally bounty topics, but there are some lessons that can be applied. First is a feature, turned vulnerability in VS Code which takes a look at just abusing intentional functionality. Several XOS bugs with
A Samsung special this week, starting off with two Samsung specific vulnerabilities, one in the baseband chip for code execution. And a stack based overflow in the RILD service handler parsing IPC calls from the baseband chip for a denial of
A Samsung special this week, starting off with two Samsung specific vulnerabilities, one in the baseband chip for code execution. And a stack based overflow in the RILD service handler parsing IPC calls from the baseband chip for a denial of se
Join Podchaser to...
- Rate podcasts and episodes
- Follow podcasts and creators
- Create podcast and episode lists
- & much more
Unlock more with Podchaser Pro
- Audience Insights
- Contact Information
- Demographics
- Charts
- Sponsor History
- and More!
- Account
- Register
- Log In
- Find Friends
- Resources
- Help Center
- Blog
- API
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More
- © 2024 Podchaser, Inc.
- Privacy Policy
- Terms of Service
- Contact Us