I find your vulnerabilities offensive (and exploitable).
We are (finally) talking about the recent OpenSSL vulnerability as we had to redo this EP. In our infinite podcasting wisdom, we took a stab at it roughly 2 hours before the embargo expired and coverage was released - which is obviously is a very silly idea in hindsight. After we cover the current issue at hand, Lurene leads us through the surface levels of how vulns can be exploited in the heap or stack, and the different perspective and processes in practice by offensive security experts. If you want to walk away with a new view of vulns and exploits, stay for the whole hour. Here is a great write up from DataDog on OpenSSL vulnerability CVE-2022-3602.
Audio is streamed directly from the publisher (buzzsprout.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
We are (finally) talking about the recent OpenSSL vulnerability as we had to redo this EP. In our infinite podcasting wisdom, we took a stab at it roughly 2 hours before the embargo expired and coverage was released - which is obviously is a very silly idea in hindsight.
After we cover the current issue at hand, Lurene leads us through the surface levels of how vulns can be exploited in the heap or stack, and the different perspective and processes in practice by offensive security experts. If you want to walk away with a new view of vulns and exploits, stay for the whole hour.
Here is a great write up from DataDog on OpenSSL vulnerability CVE-2022-3602.