Search a title or topic

Over 20 million podcasts, powered by 

Player FM logo

Esp32 Podcasts

show episodes
 
Artwork

1
Day[0]

dayzerosec

icon
Unsubscribe
icon
icon
Unsubscribe
icon
Monthly+
 
A weekly podcast for bounty hunters, exploit developers or anyone interesting in the details of the latest disclosed vulnerabilities and exploits.
  continue reading
 
Artwork
 
Follow along the crazy journey of trying to start a tech company from scratch while also having a full time job and family. Whether I succeed or fail you'll get to experience the ups and downs right along with me.
  continue reading
 
Loading …
show series
 
I’m joined by guests Praveen Perera, Future Paul & Ben Carman to go through the list. Links & Contacts: Website: https://bitcoin.review/ Substack: https://substack.bitcoin.review/ Twitter: https://twitter.com/bitcoinreviewhq NVK Twitter: https://twitter.com/nvk Telegram: https://t.me/BitcoinReviewPod Email: [email protected] Nostr & LN: ⚡nvk@nv…
  continue reading
 
I'm joined by guests Rob Hamilton, Craig Raw & Matt Odell to go through the list. OP_RETURN Drama (00:00:52) Odell's thoughts (00:04:29) Craig's thoughts (00:05:59) NVK's thoughts (00:07:47) Rob's thoughts Bitcoin • Software Releases & Project Updates (00:22:10) COLDCARD (00:22:35) Cove Wallet (00:24:03) BTCPay Server (00:24:06) Nunchuk Android (00…
  continue reading
 
A quick episode this week, which includes attacking VS Code with ASCII control characters, as well as a referrer leak and SCIM hunting. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/282.html [00:00:00] Introduction [00:00:57] Attacking Hypervisors - Training Update [00:06:20] Drag and Pwnd: Leve…
  continue reading
 
I'm joined by guests Rob Hamilton & Rijndael to go through the list. Housekeeping (00:01:09) OP_Next recap Bitcoin • Software Releases & Project Updates (00:15:18) Coldcard (00:42:53) Bitcoin Core (00:47:21) BDK (00:48:12) Coinswap (00:48:56) Electrum Wallet (00:52:45) BTCPay Server (00:53:33) Nunchuk Android (00:54:04) Liana (00:54:51) The Mempool…
  continue reading
 
A special episode this week, featuring an interview with John Carse, Chief Information Security Officer (CISO) of SquareX. John speaks about his background in the security industry, grants insight into attacks on browsers, and talks about the work his team at SquareX is doing to detect and mitigate browser-based attacks.…
  continue reading
 
A long episode this week, featuring an attack that can leak secrets from Gemini's Python sandbox, banks abusing private iOS APIs, and Windows new Hypervisor-enforced Paging Translation (HVPT). Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/280.html [00:00:00] Introduction [00:00:18] Doing the Due…
  continue reading
 
I'm joined by guests Rob Hamilton & Future Paul to go through the list. Housekeeping (00:01:09) Nostr DVM Playground (00:26:33) Bitcoin Security Guide (00:27:23) TestFlight need more beta testers for Cove (00:33:19) COLDCARD Key Teleport Urgent Vulnerability Disclosures (00:29:04) A new email phishing campaign targets Coinbase users Bitcoin • Softw…
  continue reading
 
API hacking and bypassing Ubuntu's user namespace restrictions feature in this week's episode, as well as a bug in CimFS for Windows and revisiting the infamous NSO group WebP bug. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/279.html [00:00:00] Introduction [00:00:28] Next.js and the corrupt m…
  continue reading
 
This episode features some game exploitation in Neverwinter Nights, weaknesses in mobile implementation for PassKeys, and a bug that allows disclosure of the email addresses of YouTube creators. We also cover some research on weaknesses in Azure. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/278…
  continue reading
 
Discussion this week starts with the ESP32 "backdoor" drama that circled the media, with some XML-based vulnerabilities in the mix. Finally, we cap off with a post on reviving modprobe_path for Linux exploitation, and some discussion around an attack chain against China that was attributed to the NSA. Links and vulnerability summaries for this epis…
  continue reading
 
I'm joined by guests Rob Hamilton & Vivek to go through the list. Housekeeping (00:01:18) Unleashed.chat rebrands to dataMachine Urgent Vulnerability Disclosures (00:01:52) Private key leak via malformed ECDSA input (00:09:12) ESP32 Security Concerns (00:21:32) Coinos revokes NWC connection secrets Vivek's Corner (00:22:51) Invalid mining jobs by A…
  continue reading
 
A very technical episode this week, featuring some posts on hacking the xbox 360 hypervisor as well as AMD microcode hacking. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/276.html [00:00:00] Introduction [00:00:15] Reversing Samsung's H-Arx Hypervisor Framework - Part 1 [00:10:34] Hacking the X…
  continue reading
 
This week's episode features a variety of vulnerabilities, including a warning on mixing up public and private keys in OpenID Connect deployments, as well as path confusion with an nginx+apache setup. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/275.html [00:00:00] Introduction [00:19:00] The O…
  continue reading
 
This week's Electromaker Show is now available on YouTube and everywhere you get your podcasts! Welcome to the Electromaker Show episode 170! Today we dial it up to 11 with our Product of the Week - the M5Dial - a powerful #ESP32 devkit with a touchscreen and rotary encoder built in, with other goodies. We also look at the new #PocketBeagle 2 from …
  continue reading
 
We discuss an 0day that was dropped on Parallels after 7 months of no fix from the vendor, as well as ZDI's troubles with responses to researchers and reproducing bugs. Also included are a bunch of filesystem issues, and an insanely technical linux kernel exploit chain. Links and vulnerability summaries for this episode are available at: https://da…
  continue reading
 
We cover a comical saga of vulnerabilities and variants from incomplete fixes in macOS, as well as a bypass of Chrome's miraclePtr mitigation against Use-After-Frees (UAFs). We also discuss an attack that abuses COM hijacking to elevate to SYSTEM through AVG Antivirus, and a permissions issue that allows unauthorized access to DRM'd audiobooks. Lin…
  continue reading
 
In this episode, we discuss the US government discloses how many 0ds were reported to vendors in a first-ever report. We also cover PortSwigger's top 10 web hacking techniques of 2024, as well as a deep dive on how kernel mode shadow stacks are implemented on Windows by Connor McGarr. Links and vulnerability summaries for this episode are available…
  continue reading
 
I'm joined by guest Future Paul to go through the list. Prelude to the list (00:01:00) Conversation on AI and building with AI Housekeeping (00:22:02) New Coldcard Q tutorial by Loïc Morel (00:22:10) Looking for bitcoin builders to come on the show (00:23:13) Unleashed.Chat Update (00:23:19) NWC and Olas/Primal Urgent Vulnerability Disclosures (00:…
  continue reading
 
This week's Electromaker Show is now available on YouTube and everywhere you get your podcasts! Welcome to the Electromaker Show episode 169! Today Brandom Satrom, Blues SVP, returns to talk about Starnote for Skylo, their all in one satellite #IoT card, which is also conveniently our Product of the Week! Tune in for the latest maker, tech, DIY, Io…
  continue reading
 
On the web side, we cover a portswigger post on ways of abusing unicode mishandling to bypass firewalls and a doyensec guide to OAuth vulnerabilities. We also get into a Windows exploit for a use-after-free in the telephony service that bypasses Control Flow Guard, and a data race due to non-atomic writes in the macOS kernel. Links and vulnerabilit…
  continue reading
 
This week's Electromaker Show is now available on YouTube and everywhere you get your podcasts! Welcome to the Electromaker Show episode 168! Today we get way too enthusiastic about upcycling, whether it's a Massey Ferguson 65 getting the EV treatment, at 1978 'Jackal' portable sound and vision machine getting a #Teensy and #ESP32 upgrade, and we a…
  continue reading
 
Zero Day Initiative posts their trends and observations from their threat hunting highlights of 2024, macOS has a sysctl bug, and a technique leverages CloudFlare to deanonymize users on messaging apps. PortSwigger also publishes a post on the Cookie Sandwich technique, and Subaru's weak admin panel security allows tracking and controlling other pe…
  continue reading
 
I'm joined by guests Craig Raw and Rob Hamilton to go through the list. Housekeeping (00:01:11) Ross Ulbricht receives a pardon from President Trump (00:03:44) New Marketing Manager opening at Coinkite (00:03:48) Exchanges added to BitcoinSecurity.guide (00:04:15) Olas - new nostr app (00:04:48) Call for guests Urgent Vulnerability Disclosures (00:…
  continue reading
 
This week's Electromaker Show is now available on YouTube and everywhere you get your podcasts! Welcome to the Electromaker Show episode 167! This week we discover ingenious DIY smart home wizardry, a wizard's staff that's smarter than most, a cloak that predicts rain, 10 kilometer range #LoRaWAN sensors and much more! Tune in for the latest maker,…
  continue reading
 
This week features a mix of topics, from polyglot PDF/JSON to android kernel vulnerabilities. Project Zero also publishes a post about excavating an exploit strategy from crash logs of an In-The-Wild campaign. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/269.html [00:00:00] Introduction [00:07:…
  continue reading
 
This week's Electromaker Show is now available on YouTube and everywhere you get your podcasts! Welcome to the Electromaker Show episode 166! This week we reflect on our huge Red Pitaya EduPack giveaway, ask who will buy the new Pi5 16GB variant, and look at a quite specialized ESP32 C61 devkit! Tune in for the latest maker, tech, DIY, IoT, embedde…
  continue reading
 
Specter and zi discuss their winter break, cover some interesting CCC talks, and discuss the summary judgement in the WhatsApp vs. NSO Group case. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/268.html [00:00:00] Introduction [00:09:53] 38C3: Illegal Instructions [00:35:38] WhatsApp v. NSO Group…
  continue reading
 
I'm joined by guest Rob Hamilton to go through the list. Housekeeping (00:01:37) Verify-address over NFC using a Coldcard Q and BDK iOS example wallet Vulnerability Disclosures (00:18:57) New fake Ledger data breach emails try to steal crypto wallets (00:20:51) Cryptocurrency hardware wallet Tangem fixes app bug (00:26:03) Irrevocable fees—stealing…
  continue reading
 
This week's Electromaker Show is now available on YouTube and everywhere you get your podcasts! Welcome to the Electromaker Show episode 164! New gear bonanza! #RaspberryPi Monitor, #Pi500 released, #Arduino Nano #Matter arrives (with some incredible demos including a #DIY #Thread router) and an amazing #AI Macro scale that sees the food it weighs!…
  continue reading
 
In our last episode of 2024, we delve into some operating system bugs in both Windows and Linux, as well as some bugs that are not bugs but rather AI slop. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/267.html [00:00:00] Introduction [00:06:48] Buffer Overflow Risk in Curl_inet_ntop and inet_nt…
  continue reading
 
I'm joined by guests Craig Raw and Rob Hamilton to go through the list. Major/Urgent Vulnerability Disclosures (00:01:18) Transaction-Relay Throughput Overflow Attacks against Off-Chain Protocols (00:01:53) Vulnerability in WabiSabi coinjoin protocol Bitcoin • Software Releases & Project Updates (00:19:59) Rust Payjoin (00:32:48) Lark (01:12:40) Bi…
  continue reading
 
This week's episode contains some LLM hacking and attacks on classifiers, as well as the renewal of DMA attacks with SD Express and the everlasting problems of null bytes. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/266.html [00:00:00] Introduction [00:00:31] Hacking 2024 by No Starch [00:09:1…
  continue reading
 
This week's Electromaker Show is now available on YouTube and everywhere you get your podcasts! Welcome to the Electromaker Show episode 163! The Compute Module 5 from Raspberry Pi has landed! We also looks at the Pimoroni nVME Base for #RaspberryPi 5 (and give one away), along with on demand Mouser webinars and WebScreen, a mini #ESP32 hackable wi…
  continue reading
 
A short episode this week, featuring Keyhole which abuses a logic bug in Windows Store DRM, an OAuth flow issue, and a CSRF protection bypass. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/265.html [00:00:00] Introduction [00:00:16] Attacking Hypervisors From KVM to Mobile Security Platforms [00…
  continue reading
 
I'm joined by guests Stephan Livera, Rijndael & Ben Carman to go through the list. Housekeeping (00:05:29) Bitcoin Black Friday (00:06:05) AnchorWatch gains Lloyd's of London Coverholder status Major/Urgent Vulnerability Disclosures (00:10:25) Krux releases security fix for AES-CBC encryption flaw Bitcoin • Software Releases & Project Updates (00:1…
  continue reading
 
Linux userspace is still a mess and has some bad bugs in root utilities, and Vaultwarden has an interesting auth bypass attack. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/264.html [00:00:00] Introduction [00:00:29] LPEs in needrestart [Ubuntu] [00:18:41] Vulnerability Disclosure: Authenticati…
  continue reading
 
This week, we dive into some changes to V8CTF, the FortiJump Higher bug in Fortinet's FortiManager, as well as some coverage instrumentation on blackbox macOS binaries via Pishi. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/263.html [00:00:00] Introduction [00:00:25] V8 Sandbox Bypass Rewards […
  continue reading
 
I'm joined by guests Justin Moon & Future Paul & to go through the list. Quote of the Day 00:00:48 Nobody knows anything Housekeeping 00:06:00 New COLDCARD Tutorials Major/Urgent Vulnerability Disclosures 00:06:26 Vulnerability in secp256k1-node affecting ECDH 00:08:01 Stalling peers cause disclosure of hindered block propagation Bitcoin • Software…
  continue reading
 
Methodology is the theme of this week's episode. We cover posts about static analysis via CodeQL, as well as a novel blackbox binary querying language called QueryX. Project Zero also leverages Large Language Models to successfully find a SQLite vulnerability. Finally, we wrap up with some discussion on Hexacon and WOOT talks, with a focus on Clem1…
  continue reading
 
This week's Electromaker Show is now available on YouTube and everywhere you get your podcasts! Welcome to the Electromaker Show episode 161! Today we see two inventive automatic soldering machines, delve into fascinating power-over-skin research, and get overly excited about the Espressif ESP32-S3-Box-3B giveaway! Tune in for the latest maker, tec…
  continue reading
 
In this week's episode, we talk a little bit about LLMs and how they can be used with static analysis. We also cover GitHub Security Blog's post on attacking browser extensions, as well as a somewhat controversial CyberPanel Pre-Auth RCE that was disclosed. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/…
  continue reading
 
I'm joined by guests Rijndael & Ben Carman to go through the list.I'm joined by guests Rijndael & Ben Carman to go through the list. Housekeeping 00:00:51 Nostr Rising 00:01:36 New COLDCARD Tutorials 00:01:40 Coinkite is opening an office in LATAM 00:01:50 Bitcoin per Share 00:01:54 Grumpy Surfer SATSCARD Major/Urgent Vulnerability Disclosures 00:0…
  continue reading
 
I'm joined by guests Lyn Alden, Max & Odell to discuss nostr funding. Chapters - (00:00:00) Introduction to Nostr funding concepts - (00:01:04) Importance of decentralized funding in tech - (00:02:07) Discussion on Nostr’s scalability and funding potential - (00:06:17) Analysis of community-driven funding models - (00:12:01) Benefits of open-source…
  continue reading
 
In this week's episode, Specter recaps his experiences at Hardwear.IO and a PS5 hypervisor exploit chain presented there. We also cover some of the recently released DEF CON 32 talks. After the conference talk, we get into some filesystem exploit tricks and how arbitrary file write can be taken to code execution in read-only environments. Links and…
  continue reading
 
I'm joined by guests DK & Miljan to discuss long form content. Chapters: - (00:00:00) Introduction to long form content on Nostr - (00:03:15) Challenges of content distribution on Nostr - (00:06:42) Nostr as a decentralized platform for creators - (00:11:20) The role of relays in content storage and competition - (00:15:47) Building user-centric to…
  continue reading
 
This week's Electromaker Show is now available on YouTube and everywhere you get your podcasts! Welcome to the Electromaker Show episode 160! This week we see a jaw dropping Quake port on an #Arduino Nano #Matter board, learn about #raspberrypi putting out branded SSDs and HAT+ kits, dive into Nordic's new nRF54L15 chip for #BLE, plus much more! Tu…
  continue reading
 
I'm joined by guests Calle, Pablo & Miljan to discuss zaps and nostr money. Chapters - (00:00:00) Introduction - (00:05:12) Building a permissionless public square on Nostr - (00:12:25) Challenges in decentralized social media and privacy - (00:18:43) Cashu protocol integration with Nostr - (00:22:50) Role of ecash in relays and wallets - (00:28:16…
  continue reading
 
I'm joined by guests Kieran, Odell, Hodlbod & Oscar Merry to discuss podcasting 2.0. Chapters - (00:00:00) – Introduction and overview of the discussion on Nostr and podcasting. - (00:01:10) – Importance of Nostr in decentralization and censorship resistance. - (00:10:30) – Integrating Bitcoin and Lightning Payments with Nostr. - (00:19:12) – Value…
  continue reading
 
I'm joined by guests Fiatjaf, Hodlbod & Jeff G to discuss DMs and groupchats. Chapters (00:00) - Introduction to the discussion (02:32) - Overview of MLS Messaging Layer Security and its role in group chats. (10:03) - Addressing spam and impersonation in group communications. (14:16) - Managing group keys and group membership. (21:10) - Security co…
  continue reading
 
I'm joined by guests Fiatjaf, Mike Dilger & Pablo to discuss relays and scaling nostr. Chapters (00:00) – Introduction to Nostr protocol and event signing (02:15) – Relay management and costs in Nostr ecosystem (05:30) – Scaling concerns and misconceptions about relay overload (09:11) – Importance of public key identity management (12:18) – Challen…
  continue reading
 
Loading …
Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Listen to this show while you explore
Play