Segfault.fm   /     0x20 Monthly (2022-10/11)

Description

Beschreibung: Wegen Umzug kam Ende Oktober keine Folge. Wir behandeln heute Oktober und November. Es gab Microsoft, Twitter, OpenSSL, den Pixel phone lock screen bypass, Tailscale und vieles mehr. Viel Spaß beim Hören! Shownotes: Domain fronting to be blocked on Azure AWS keys on PyPi for over a year “Invalid Username or Password”: a useless security measure - Kevin Burke Elon Musk Says Twitter Will Add Video and Voice Call, Encrypted DMs CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You Russian 0day thirst traps 0XDEAD ZEPPELIN Hijacking AUR Packages by Searching for Expired Domains - Blog by Joren Vrancken urlscan.io’s SOAR spot: Chatty security tools leaking private data - Positive Security Timing Attacks on WhatsApp, Signal, and Threema can Reveal User Location - RestorePrivacy Dangerous hole in Apache Commons Text – like Log4Shell all over again – Naked Security Toyota Suffered a Data Breach by Accidentally Exposing A Secret Key Publicly On GitHub Goggle Pixel Lock Screen Bypass

Subtitle
Segfault.fm: 0x20 Monthly (2022-10/11)
Duration
02:59:33
Publishing date
2022-11-26 15:40
Link
https://segfault.fm/episode/0x20-monthly-nov/
Contributors
  Florian und Daniel
author  
Enclosures
https://segfault.fm/assets/podcasts/0x20-monthly-urlscan.mp3
audio/mp3

Deeplinks to Chapters

00:00:00.000 Intro
255
00:00:55.000 Begrüßung
255
00:03:42.000 Microsoft kündigt domain fronting auf
255
00:12:10.000 Twitter will Ende-zu-Ende Verschlüsselung von Moxie
255
00:20:20.000 Zerodium auf Russisch: OpZero
255
00:31:37.000 OpenSSL patch critical, ah nee doch nicht
255
00:42:37.000 Toyota pushed secret in public git
255
00:53:27.000 InfoSys pushed secret in public git
255
01:02:50.000 Zeppelin Ransomware reverse engineered
255
01:22:10.000 URLScan.io dorks
255
01:49:07.000 Android Pixel lock screen bypass
255
02:12:10.000 Text4Shell
255
02:20:51.000 Hijacking AUR Packages via expired domains
255
02:30:55.000 Invalid Username or Password - a useless security measure
255
02:37:40.000 Timing Angriffe auf Messaging Dienste
255
02:44:07.000 Tailscale: DNS Rebinding and you
255