all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

238 - Busted ASLR, PixieFail, and Bypassing HVCI [Binary Exploitation Podcast]

Add to bookmarks
Jan. 31, 2024, 1 p.m. | DAY[0]

DAY[0] www.youtube.com

This week's binary episode features a range of topics from discussion on Pwn2Own's first automotive competition to an insane bug that broke ASLR on various Linux systems. At the lower level, we also have some bugs in UEFI, including one that can be used to bypass Windows Hypervisor Code Integrity mitigation.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/238.html

[00:00:00] Introduction
[00:02:40]
37C3: Unlocked
- media.ccc.de

[00:08:15] Zero Day Initiative — Pwn2Own Automotive 2024 - Day One …

aslr automotive binary binary exploitation bug bugs busted bypass bypassing can code competition exploitation features hypervisor linux linux systems pixiefail podcast pwn2own systems topics uefi week windows

Visit resource

More from www.youtube.com / DAY[0]

Memory Corruption: Best Tackled with Mitigations or Safe-Languages? [254] 3 weeks, 2 days ago | www.youtube.com
amp cisa corruption evolution +11
253 - A Retrospective and Future Look Into DAY[0] 1 month, 3 weeks ago | www.youtube.com
air bounty change future +5
252 - Bypassing KASLR and a FortiGate RCE [Binary Exploitation Podcast] 2 months, 2 weeks ago | www.youtube.com
aslr binary binary exploitation bypass +23
251 - RCE'ing Mailspring and a .NET CRLF Injection [Bug Bounty Podcast] 2 months, 3 weeks ago | www.youtube.com
attack attack chain attacks bounty +16
Future of Exploit Development Follow-up (Episode 250) 2 months, 3 weeks ago | www.youtube.com
corruption development exploit exploit development +9
249 - libXPC to Root and Digital Lockpicking [Bug Bounty Podcast] 2 months, 4 weeks ago | www.youtube.com
android authentication authentication bypass bounty +22
248 - Binary Ninja Free and K-LEAK [Binary Exploitation Podcast] 3 months ago | www.youtube.com
automated binary binary exploitation binary ninja +13
247 - Hacking Google AI and SAML [Bug Bounty Podcast] 3 months ago | www.youtube.com
auth authentication authentication bypass automated +25
246 - Rust Memory Corruption??? [Binary Exploitation Podcast] 3 months, 1 week ago | www.youtube.com
access array binary binary exploitation +21

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com