Bhyves and Evil LEDs (+Roulette)

A "trivial" Bhyve VM escape, a BitWarden "RCE", a ModSecurity "Denial of Service" and more scare quotes for your enjoyment in this week's episode. [00:00:33] Patient Dies After Ransomware Attack [00:08:05] Zerologon [CVE-2020-1472] [00:14:29] BitWarden Blind HTTP GET SSRF https://github.com/bitwarden/server/pull/812/commits/f094b76b6638932b13bb5ed2d9295185c54ce332https://github.com/bitwarden/desktop/issues/552 [00:23:40] Apache + PHP under v7.4.10 open_basedir bypass [00:29:59] ModSecurity v3 Affected By DoS (Severity HIGH) [CVE-2020-15598] [00:38:09] Bhyve VM Escape https://bsdsec.net/articles/freebsd-announce-freebsd-security-advisory-freebsd-sa-20-29-bhyve_svm [00:42:59] Webkit aboutBlankURL() code execution vulnerability [00:48:28] CVE-2020-9964 - An iOS infoleak [00:51:44] Online Casino Roulette - A guideline for pen testers [00:56:40] Light Can Hack Your Face! Black-box Backdoor Attack on Face Recognition [01:03:06] UniFuzz: Optimizing Distributed Fuzzing via Dynamic Centralized Task Scheduling [01:12:07] FANS: Fuzzing Android Native System Services via Automated Interface Analysis https://github.com/iromise/fans [01:19:52] OneFuzz framework, an open source developer tool to find and fix bugs at scale https://github.com/microsoft/onefuzz [01:28:35] Finding Australian Prime Minister Tony Abbott's passport number [01:34:08] ARM64 Reversing and Exploitation [01:37:25] Hypervisor Exploitation Compiled Research List https://github.com/bitwarden/server/pull/812/commits/f094b76b6638932b13bb5ed2d9295185c54ce332 Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@DAY[0])