all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

180 - An iPod Nano Bug, XNU Vuln, and a WebKit UAF

Add to bookmarks
Jan. 18, 2023, 11:50 p.m. | zi

DAY[0] dayzerosec.com

An Apple-focused episode this week, with a trivial iPod Nano BootRom exploit, and a WebKit Use-after-free. We also have a really cool XNU Virutal Memory bug, strictly a race condition and a logic differential between two alternate paths resulting in bypassing copy-on-write protection. We also handle a few questions from chat, how much reverse engineering is necessary for vuln research, how much programming knowledge is required, and a bit about AI's applicability to reverse engineering.

apple binary-podcast bug bypassing chat copy engineering exploit free hash-import-2023-02-16-04-52 knowledge logic memory podcast programming protection questions race condition research reverse reverse engineering uaf use-after-free vuln webkit

Visit resource

More from dayzerosec.com / DAY[0]

253 - A Retrospective and Future Look Into DAY[0] 5 days, 13 hours ago | dayzerosec.com
air change episode future +5
252 - Bypassing KASLR and a FortiGate RCE 1 month, 3 weeks ago | dayzerosec.com
aslr binary-podcast bypass bypassing +12
251 - RCE’ing Mailspring and a .NET CRLF Injection 1 month, 3 weeks ago | dayzerosec.com
attack bounty bounty-podcast bypass +9
250 - Future of Exploit Dev 1 month, 3 weeks ago | dayzerosec.com
binary-podcast corruption dev development +12
249 - libXPC to Root and Digital Lockpicking 2 months ago | dayzerosec.com
android bounty-podcast bypass check +11
248 - Binary Ninja Free and K-LEAK 2 months, 1 week ago | dayzerosec.com
automated binary binary ninja binary-podcast +10
247 - Hacking Google AI and SAML 2 months, 1 week ago | dayzerosec.com
auth bounty-podcast bypass google +7
246 - Rust Memory Corruption??? 2 months, 2 weeks ago | dayzerosec.com
access binary-podcast code corruption +9
245 - A PHP and Joomla Bug and some DOM Clobbering 2 months, 2 weeks ago | dayzerosec.com
api bounty-podcast bug cache +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Engineer

@ LiquidX | Singapore, Central Singapore, Singapore
View on infosec-jobs.com

Application Security Engineer

@ Solidigm | Zapopan, Mexico
View on infosec-jobs.com

Application Security Engineer

@ Yassir | worldwide
View on infosec-jobs.com

Senior Windows Threat & Detection Security Researcher (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

MDR Security Analyst

@ SentinelOne | Israel
View on infosec-jobs.com

Principal Security Research Engineer (Prisma Cloud)

@ Palo Alto Networks | Bengaluru, India
View on infosec-jobs.com
View more jobs