EPISODE · Dec 15, 2020 · 1H 50M
Fireeye, PS4 exploit, and MacOS LPE
from Day[0] · host dayzerosec
Big news this week as several government agencies and contractors may have been compromised. We also have a number of great writeups this week covering everything from a PS4 webkit exploit, MacOS, and Windows. [00:00:25] CISA issues emergency directive for SolarWinds Orion products compromise https://twitter.com/CISAgov/status/1338348931571445762https://www.sec.gov/ix?doc=/Archives/edgar/data/1739942/000162828020017451/swi-20201214.htmhttps://www.fireeye.com/blog/products-and-services/2020/12/fireeye-shares-details-of-recent-cyber-attack-actions-to-protect-community.htmlhttps://twitter.com/KimZetter/status/1338305089597964290https://twitter.com/mamah1987/status/1338369455177523201https://www.cisa.gov/news/2020/12/13/cisa-issues-emergency-directive-mitigate-compromise-solarwinds-orion-network [00:26:53] Finding Critical Open Source Projects https://opensource.googleblog.com/2020/12/finding-critical-open-source-projects.htmlhttps://github.com/ossf/criticality_score [00:33:46] Vulnerabilities in McAfee ePolicy Orchestrator https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/ [00:39:20] Chat Question: How to get good at exploit dev [00:44:34] Novel Abuses On Wi-Fi Direct Mobile File Transfers https://blog.doyensec.com//2020/12/10/novel-abuses-wifi-direct-mobile-file-transfers.html [00:47:55] PsExec Local Privilege Escalation https://medium.com/tenable-techblog/psexec-local-privilege-escalation-2e8069adc9c8 [00:52:31] Windows: WOF FSCTL_SET_REPARSE_POINT_EX Cached Signing Level SFB https://bugs.chromium.org/p/project-zero/issues/detail?id=2088 [01:01:07] This is for the Pwners: Exploiting a WebKit 0-day in PlayStation 4 https://www.synacktiv.com/en/publications/this-is-for-the-pwners-exploiting-a-webkit-0-day-in-playstation-4.html [01:08:51] Game On - Finding vulnerabilities in Valve’s "Steam Sockets" https://research.checkpoint.com/2020/game-on-finding-vulnerabilities-in-valves-steam-sockets/ [01:14:57] Apple macOS Kernel OOB Write Privilege Escalation Vulnerability [CVE-2020-27897] https://www.thezdi.com/blog/2020/12/9/cve-2020-27897-apple-macos-kernel-oob-write-privilege-escalation-vulnerability [01:17:22] ABSTRACT SHIMMER: Host Networking is root-Equivalent, Again [CVE-2020-15257] https://research.nccgroup.com/2020/12/10/abstract-shimmer-cve-2020-15257-host-networking-is-root-equivalent-again/ [01:24:41] Now you C me, now you don't, part two: exploiting the in-between https://securitylab.github.com/research/now-you-c-me-part-two [01:36:04] Portable Data exFiltration: XSS for PDFs https://portswigger.net/research/portable-data-exfiltration [01:45:27] HackerOne's 12 Days of Hacky Holidays https://hackerone.com/h1-ctf?type=team [01:47:55] The 2020 SANS Holiday Hack Challenge https://holidayhackchallenge.com/2020/ Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@dayzerosec)
What this episode covers
Big news this week as several government agencies and contractors may have been compromised. We also have a number of great writeups this week covering everything from a PS4 webkit exploit, MacOS, and Windows. [00:00:25] CISA issues emergency directive for SolarWinds Orion products compromise https://twitter.com/CISAgov/status/1338348931571445762https://www.sec.gov/ix?doc=/Archives/edgar/data/1739942/000162828020017451/swi-20201214.htmhttps://www.fireeye.com/blog/products-and-services/2020/12/fireeye-shares-details-of-recent-cyber-attack-actions-to-protect-community.htmlhttps://twitter.com/KimZetter/status/1338305089597964290https://twitter.com/mamah1987/status/1338369455177523201https://www.cisa.gov/news/2020/12/13/cisa-issues-emergency-directive-mitigate-compromise-solarwinds-orion-network [00:26:53] Finding Critical Open Source Projects https://opensource.googleblog.com/2020/12/finding-critical-open-source-projects.htmlhttps://github.com/ossf/criticality_score [00:33:46] Vulnerabilities in McAfee ePolicy Orchestrator https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/ [00:39:20] Chat Question: How to get good at exploit dev [00:44:34] Novel Abuses On Wi-Fi Direct Mobile File Transfers https://blog.doyensec.com//2020/12/10/novel-abuses-wifi-direct-mobile-file-transfers.html [00:47:55] PsExec Local Privilege Escalation https://medium.com/tenable-techblog/psexec-local-privilege-escalation-2e8069adc9c8 [00:52:31] Windows: WOF FSCTL_SET_REPARSE_POINT_EX Cached Signing Level SFB https://bugs.chromium.org/p/project-zero/issues/detail?id=2088 [01:01:07] This is for the Pwners: Exploiting a WebKit 0-day in PlayStation 4 https://www.synacktiv.com/en/publications/this-is-for-the-pwners-exploiting-a-webkit-0-day-in-playstation-4.html [01:08:51] Game On - Finding vulnerabilities in Valve’s "Steam Sockets" https://research.checkpoint.com/2020/game-on-finding-vulnerabilities-in-valves-steam-sockets/ [01:14:57] Apple macOS Kernel OOB Write Privilege Escalation Vulnerability [CVE-2020-27897] https://www.thezdi.com/blog/2020/12/9/cve-2020-27897-apple-macos-kernel-oob-write-privilege-escalation-vulnerability [01:17:22] ABSTRACT SHIMMER: Host Networking is root-Equivalent, Again [CVE-2020-15257] https://research.nccgroup.com/2020/12/10/abstract-shimmer-cve-2020-15257-host-networking-is-root-equivalent-again/ [01:24:41] Now you C me, now you don't, part two: exploiting the in-between https://securitylab.github.com/research/now-you-c-me-part-two [01:36:04] Portable Data exFiltration: XSS for PDFs https://portswigger.net/research/portable-data-exfiltration [01:45:27] HackerOne's 12 Days of Hacky Holidays https://hackerone.com/h1-ctf?type=team [01:47:55] The 2020 SANS Holiday Hack Challenge https://holidayhackchallenge.com/2020/ Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@dayzerosec)
NOW PLAYING
Fireeye, PS4 exploit, and MacOS LPE
No transcript for this episode yet
Similar Episodes
Sep 22, 2023 ·20m
Sep 22, 2023 ·20m
Sep 22, 2023 ·27m
Sep 22, 2023 ·14m
Sep 22, 2023 ·24m
Sep 22, 2023 ·22m