MediaTek BootROM Broken, Free Coffee, and an iOS Kernel Exploit episode artwork

EPISODE · Feb 9, 2021 · 1H 34M

MediaTek BootROM Broken, Free Coffee, and an iOS Kernel Exploit

from Day[0] · host dayzerosec

A lot of discussion this week about OSS security and security processes, an iOS kernel type confusion and MediaTek Bootloader bypass impacting everything since atleast 2014. [00:04:54] Know, Prevent, Fix: A framework for shifting the discussion around vulnerabilities in open source https://security.googleblog.com/2021/02/know-prevent-fix-framework-for-shifting.html [00:15:18] Launching OSV - Better vulnerability triage for open source https://security.googleblog.com/2021/02/launching-osv-better-vulnerability.html [00:22:38] Most Common Bugs of 2021 So Far https://www.bugcrowd.com/blog/common-bugs-of-2021/ [00:31:59] Exploiting the Nespresso smart cards for fun and coffee https://pollevanhoof.be/nuggets/smart_cards/nespresso [00:39:10] Spoofing and Attacking With Skype https://blog.thecybersecuritytutor.com/spoofing-and-attacking-with-skype/ [00:45:01] Getting root on webOS https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html [00:51:31] Applying Offensive Reverse Engineering to Facebook Gameroom https://spaceraccoon.dev/applying-offensive-reverse-engineering-to-facebook-gameroom [00:59:36] Major Vulnerabilities Discovered in Realtek RTL8195A Wi-Fi Module https://www.vdoo.com/blog/realtek-rtl8195a-vulnerabilities-discovered [01:06:32] MTK Bypass Universal https://megafon929.github.io/mtk [01:14:13] Project Zero: iOS Kernel privesc with turnstiles [CVE-2020-27932] https://googleprojectzero.blogspot.com/p/rca-cve-2020-27932.htmlhttps://googleprojectzero.blogspot.com/p/rca.html [01:21:41] Why Security Defects Go Unnoticed during Code Reviews? http://amiangshu.com/papers/paul-ICSE-2021.pdf Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@dayzerosec)

Episode metadata supplied by the publisher feed · Published Feb 9, 2021

A lot of discussion this week about OSS security and security processes, an iOS kernel type confusion and MediaTek Bootloader bypass impacting everything since atleast 2014. [00:04:54] Know, Prevent, Fix: A framework for shifting the discussion around vulnerabilities in open source https://security.googleblog.com/2021/02/know-prevent-fix-framework-for-shifting.html [00:15:18] Launching OSV - Better vulnerability triage for open source https://security.googleblog.com/2021/02/launching-osv-better-vulnerability.html [00:22:38] Most Common Bugs of 2021 So Far https://www.bugcrowd.com/blog/common-bugs-of-2021/ [00:31:59] Exploiting the Nespresso smart cards for fun and coffee https://pollevanhoof.be/nuggets/smart_cards/nespresso [00:39:10] Spoofing and Attacking With Skype https://blog.thecybersecuritytutor.com/spoofing-and-attacking-with-skype/ [00:45:01] Getting root on webOS https://blog.recurity-labs.com/2021-02-03/webOS_Pt1.html [00:51:31] Applying Offensive Reverse Engineering to Facebook Gameroom https://spaceraccoon.dev/applying-offensive-reverse-engineering-to-facebook-gameroom [00:59:36] Major Vulnerabilities Discovered in Realtek RTL8195A Wi-Fi Module https://www.vdoo.com/blog/realtek-rtl8195a-vulnerabilities-discovered [01:06:32] MTK Bypass Universal https://megafon929.github.io/mtk [01:14:13] Project Zero: iOS Kernel privesc with turnstiles [CVE-2020-27932] https://googleprojectzero.blogspot.com/p/rca-cve-2020-27932.htmlhttps://googleprojectzero.blogspot.com/p/rca.html [01:21:41] Why Security Defects Go Unnoticed during Code Reviews? http://amiangshu.com/papers/paul-ICSE-2021.pdf Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@dayzerosec)

PodParley-generated summary based on available episode metadata and transcript content.

NOW PLAYING

MediaTek BootROM Broken, Free Coffee, and an iOS Kernel Exploit

0:00 1:34:14

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Day[0]?

This episode is 1 hour and 34 minutes long.

When was this Day[0] episode published?

This episode was published on February 9, 2021.

What is this episode about?

A lot of discussion this week about OSS security and security processes, an iOS kernel type confusion and MediaTek Bootloader bypass impacting everything since atleast 2014. [00:04:54] Know, Prevent, Fix: A framework for shifting the discussion...

Can I download this Day[0] episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!