235 - A GitLab Account Takeover and a Coldfusion RCE [Bug Bounty Podcast]
Jan. 16, 2024, 1 p.m. | DAY[0]
DAY[0] www.youtube.com
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/235.html
[00:00:00] Introduction
[00:00:20] SonicWall Discovers Critical Apache OFBiz Zero-day
[00:11:40] [GitLab] Account Takeover via password reset without user interactions
[00:24:05] Unauthenticated RCE in Adobe Coldfusion [CVE-2023-26360]
[00:35:08] No new iPhone? No secure iOS: Looking at an unfixed iOS vulnerability
[00:36:45] How we made $120k bug bounty in …