all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

229 - Buggy Cookies and a macOS TCC Bypass

Add to bookmarks
Dec. 5, 2023, 1 p.m. | zi

DAY[0] dayzerosec.com

This week brings up a pretty solid variety of issues. Starting off with some cookie smuggling (and other cookie attacks) which presents some interesting research I hadn't really looked for before that has some potential. Then an AI alignment evasion to leak training data. Not the most interesting attack but it appears to open up some other ideas for further research. A MacOS desktop issue (for a $30k bounty), and some home assistant issues.

alignment attack attacks bounty-podcast bypass cookie cookies data evasion leak macos podcast research smuggling solid tcc tcc bypass training training data week

Visit resource

More from dayzerosec.com / DAY[0]

254 - Memory Corruption: Best Tackled with Mitigations or Safe-Languages? 2 weeks, 1 day ago | dayzerosec.com
binary-discussion-podcast cisa corruption languages +8
253 - A Retrospective and Future Look Into DAY[0] 3 weeks, 4 days ago | dayzerosec.com
air change episode future +5
252 - Bypassing KASLR and a FortiGate RCE 2 months, 1 week ago | dayzerosec.com
aslr binary-podcast bypass bypassing +12
251 - RCE’ing Mailspring and a .NET CRLF Injection 2 months, 1 week ago | dayzerosec.com
attack bounty bounty-podcast bypass +9
250 - Future of Exploit Dev 2 months, 2 weeks ago | dayzerosec.com
binary-podcast corruption dev development +12
249 - libXPC to Root and Digital Lockpicking 2 months, 2 weeks ago | dayzerosec.com
android bounty-podcast bypass check +11
248 - Binary Ninja Free and K-LEAK 2 months, 3 weeks ago | dayzerosec.com
automated binary binary ninja binary-podcast +10
247 - Hacking Google AI and SAML 2 months, 3 weeks ago | dayzerosec.com
auth bounty-podcast bypass google +7
246 - Rust Memory Corruption??? 3 months ago | dayzerosec.com
access binary-podcast code corruption +9

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com