
انتقل إلى وضع عدم الاتصال باستخدام تطبيق Player FM !
Deanonymization with CloudFlare and Subaru's Security Woes
Manage episode 463386244 series 2606557
Zero Day Initiative posts their trends and observations from their threat hunting highlights of 2024, macOS has a sysctl bug, and a technique leverages CloudFlare to deanonymize users on messaging apps. PortSwigger also publishes a post on the Cookie Sandwich technique, and Subaru's weak admin panel security allows tracking and controlling other people's vehicles.
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/270.html
[00:00:00] Introduction
[00:00:11] ZDI Threat Hunting 2024 - Highlights, Trends, and Challenges
[00:21:44] Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform
[00:41:54] Stealing HttpOnly cookies with the cookie sandwich technique
[00:49:06] Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel
Podcast episodes are available on the usual podcast platforms:
-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063
-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt
-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz
-- Other audio platforms can be found at https://anchor.fm/dayzerosec
You can also join our discord: https://discord.gg/daTxTK9
282 حلقات
Manage episode 463386244 series 2606557
Zero Day Initiative posts their trends and observations from their threat hunting highlights of 2024, macOS has a sysctl bug, and a technique leverages CloudFlare to deanonymize users on messaging apps. PortSwigger also publishes a post on the Cookie Sandwich technique, and Subaru's weak admin panel security allows tracking and controlling other people's vehicles.
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/270.html
[00:00:00] Introduction
[00:00:11] ZDI Threat Hunting 2024 - Highlights, Trends, and Challenges
[00:21:44] Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform
[00:41:54] Stealing HttpOnly cookies with the cookie sandwich technique
[00:49:06] Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel
Podcast episodes are available on the usual podcast platforms:
-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063
-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt
-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz
-- Other audio platforms can be found at https://anchor.fm/dayzerosec
You can also join our discord: https://discord.gg/daTxTK9
282 حلقات
كل الحلقات
×مرحبًا بك في مشغل أف ام!
يقوم برنامج مشغل أف أم بمسح الويب للحصول على بودكاست عالية الجودة لتستمتع بها الآن. إنه أفضل تطبيق بودكاست ويعمل على أجهزة اندرويد والأيفون والويب. قم بالتسجيل لمزامنة الاشتراكات عبر الأجهزة.