Bad Blocklists, Legal News, and Windows Vulns

More SD-PWN, more Tesla hacks, potential RCE in Drupal, and a couple windows vulns.

[00:00:27] Congress unanimously passes federal IoT security law

• https://blog.rapid7.com/2020/11/18/congress-unanimously-passes-federal-iot-security-law/

[00:06:52] The Supreme Court will hear its first big CFAA case

• https://www.scotusblog.com/2020/11/case-preview-justices-to-consider-breadth-of-federal-computer-fraud-statute/

[00:13:35] How much is unauthorized access sold for?

• https://xorl.wordpress.com/2020/08/26/how-much-is-unauthorized-access-sold-for/

[00:20:10] Getting Banned for Security Research

• https://nedwill.github.io/blog/jekyll/update/2020/11/25/banned-for-research.html

[00:33:11] SD-PWN Part 3 - Cisco vManage

• https://medium.com/realmodelabs/sd-pwn-part-3-cisco-vmanage-another-day-another-network-takeover-15731a4d75b7

[00:36:10] SD-PWN Part 4 - VMware VeloCloud

• https://medium.com/realmodelabs/sd-pwn-part-4-vmware-velocloud-the-last-takeover-a7016f9a9175

[00:40:39] CVE-2020-7378: OpenCRX Unverified Password Change (FIXED)

• https://blog.rapid7.com/2020/11/24/cve-2020-7378-opencrx-unverified-password-change/
• https://github.com/opencrx/opencrx/commit/389ff0e22851407560091dfd25b25fee0b384eed?branch=389ff0e22851407560091dfd25b25fee0b384eed&diff=split#diff-2bb58016ce7d5cdb2f11bdb60d4aa7dd5c2e2cb816c9120a7f36ac93d0b64f33L702

[00:43:54] Multiple vulnerabilities through filename manipulation (CVE-2020-28948 and CVE-2020-28949)

• https://github.com/pear/Archive_Tar/issues/33
• https://www.drupal.org/sa-core-2020-013

[00:47:14] SSRFs caused by bad RegEx in "private-ip"

• https://johnjhacking.com/blog/cve-2020-28360/

[00:53:13] [SnapChat] Server-Side Request Forgery using Javascript allows to exfill data from Google Metadata

• https://hackerone.com/reports/530974

[00:57:50] Serious flaws in Tesla Model X keyless entry system

• https://www.imec-int.com/en/press/belgian-security-researchers-ku-leuven-and-imec-demonstrate-serious-flaws-tesla-model-x

[01:03:48] Windows Print Spooler Vulnerability

• https://www.accenture.com/us-en/blogs/cyber-defense/discovering-exploiting-shutting-down-dangerous-windows-print-spooler-vulnerability

[01:08:30] Exploiting a “Simple” Vulnerability - In 35 Easy Steps or Less!

• https://windows-internals.com/exploiting-a-simple-vulnerability-in-35-easy-steps-or-less/
• https://twitter.com/gabe_k/status/1330966182543777792
• There was previously a link to br0vvnn here, this blog has been shown to be part of an attempt to compromise security researchers.
  • https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers
    

[01:17:55] Hitcon2020 Challenge Files + Solutions

• https://github.com/david942j/ctf-writeups/tree/master/hitcon-2020

Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)

Or the video archive on Youtube (@dayzerosec)