![Day[0] artwork](https://is3-ssl.mzstatic.com/image/thumb/Podcasts123/v4/e6/4a/24/e64a2476-975c-a47f-7c57-e3f5e459b0d6/mza_8955790230498800267.jpg/100x100bb.jpg)
Hack Twitter, WhatsApp and all your Cisco phones (CDPwn) ft. GhostKnight
Day[0]
English - February 11, 2020 23:00 - 1 hour - 90.4 MB - ★★★★ - 5 ratingsTechnology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Android, Bluetooth, Microsoft, NordVPN, Twitter, WhatsApp, Cisco, vulns for days impacting several big names and a couple new attack ideas, blind regex injection and GhostKnight a technique to breach data integrity using speculative execution.
[00:01:07] Updated re. Sudo Exploit
[00:03:32] Charges Filed against Four Chinese PLA Hackers for part in 2017 Equifax Breach
[00:06:06] Announcing a Targeted Incentive Program for Selected Trend Micro Products
[00:11:01] Android Security Bulletin - February 2020
https://android.googlesource.com/kernel/common/+/5eeb2ca0
https://android.googlesource.com/kernel/common/+/5eeb2ca0%5E%21/#F0
[00:17:06] Critical Bluetooth Vulnerability in Android (CVE-2020-0022)
[00:22:48] Dangerous Domain Corp.com Goes Up for Sale
[00:37:43] NordVPN - IDOR allow access to payments data of any user
https://hackerone.com/nordvpn
[00:43:35] Twitter - Bypass Password Authentication for updating email and phone number
[00:48:27] WhatsApp Desktop XSS to Local File read (CVE-2019-18426)
[01:03:03] CDPwn: 5 Zero-Days in Cisco Discovery Protocol
[01:15:07] A Rough Idea of Blind Regular Expression Injection Attack
https://speakerdeck.com/lmt_swallow/revisiting-redos-a-rough-idea-of-data-exfiltration-by-redos-and-side-channel-techniques
[01:20:45] GhostKnight: Breaching Data Integrity via Speculative Execution
[01:26:00] BRIGHTNESS: Leaking Sensitive Data from Air-Gapped Workstations via Screen Brightness
[01:30:27] Forging SWIFT MT Payment Messages for fun and pr... research!
[01:35:22] Grooming the iOS Kernel Heap
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])