Collection: Day[0]
267 Episodes
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])
[00:01:29] Sudo: CVE-2019-14287
[00:08:40] Buffer overflow in Realtek Wi-Fi chips
[00:17:13] US Law Enforcement Traces Bitcoin Transfers to Nab ‘Largest’ Child Porn Site
[00:39:45] Equifax Using admin:admin as Credentials for Sensitive Information
[00:48:40] CenturyLink Data Leak of 2.8 Million Records
[00:56:37] NordVPN Reportedly Compromised
https://crt.sh/?q=nordvpn.com
[00:59:07] NordVPN Reportedly Compromised
https://twitter.com/hexdefined/status/1185974575214940161
https://nordvpn.com/
https://thatoneprivacysite.net/
[01:07:45] Pop_OS 19.10
[01:13:26] JSFuzz
[01:19:08] Site Isolation improvement (and now on Android)
[01:22:54] A New Memory Type Against Speculative Side Channel Attacks
[01:30:06] oo7: Low-overhead Defense against Spectre Attacks via Program Analysis
[01:38:37] UK Government to fund development of attack resistant Arm chips
[01:46:59] Germany's Cyber Security Agency Recommends Firefox as Most Secure Browser
[02:01:36] Facebook Expanding Bug Bounty Program to Third-Party Apps
https://www.facebook.com/whitehat/info/
[02:04:14] ElectionGuard SDK Bug Bounty
https://www.youtube.com/watch?v=w3_0x6oaDmI
https://www.youtube.com/watch?v=BYRTvoZ3Rho
https://www.microsoft.com/en-us/msrc/bounty-electionguard
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/fuchsia-os-printer-bugs-and-hacking-radare2.html
Some silly issues in radare2, some printer hacking, some kernel vulnerabilities, and a look at exploiting Fuchsia OS on this week's episode. Just as a reminder, this will be our last episode until September.
[00:00:40] Spot the Vuln - Size Matters
[00:04:30] Multiple vulnerabilities in radare2
[00:10:08] The printer goes brrrrr!!!
[00:17:25] A Kernel Hacker Meets Fuchsia OS
[00:33:55] Finding Bugs in Windows Drivers, Part 1 - WDM
[00:41:23] Chat Question: Learning Kernel Exploitation
[00:50:25] Resources While We are Gone
The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week:
Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities
Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.
The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec
You can also join our discord: https://discord.gg/daTxTK9
Or follow us on Twitter (@dayzerosec) to know when new releases are coming.
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/a-zoom-rce-vmware-auth-bypass-and-gitlab-stored-xss.html
Last bounty episode before our summer vacation, and we are ending off with some cool issues: XML stanza smuggling in Zoom for a MitM attack, an odd auth bypass, a GitLab stored XSS and gadget-based CSP bypass, and an interesting technique to leverage a path traversal/desync against NGINX Plus.
[00:01:00] How I hacked CTX and PHPass Modules
[00:10:55] [Zoom] Remote Code Execution with XMPP Stanza Smuggling
[00:19:38] VMware Authentication Bypass Vulnerability [CVE-2022-22972]
[00:23:05] Breaking Reverse Proxy Parser Logic
[00:26:44] [GitLab] Stored XSS in Notes (with CSP bypass)
[00:37:13] GhostTouch: Targeted Attacks on Touchscreens without Physical Touch
[00:48:00] Resources While We Are Gone
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/pwn2own-parallels-desktop-and-an-appleavd-bug.html
Just a couple of vulnerabilities to talk about this week, but some interesting things to talk about in them. We also have some discussion about this year's Pwn2Own results and a couple of things that caught our attention.
[00:01:02] Spot the Vuln - NoSQL, No Problem
[00:02:46] Pwn2Own Vancouver 2022 - The Results
[00:16:14] CVE-2022-22675: AppleAVD Overflow in AVC_RBSP::parseHRD
[00:23:16] Exploiting an Unbounded memcpy in Parallels Desktop
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/stealing-dropbox-google-drive-tokens-a-gitlab-bug-and-macos-powerdir-vulnerability.html
Kicking off the week with some discussion about DOJ's policy change before getting into some vulnerabilities: "powerdir", a macOS TCC bypass; an integer overflow on the web; and another attack against HelloSign and their Google Drive integration.
[00:02:12] DOJ’s New CFAA Policy is a Good Start But Does Not Go Far Enough to Protect Security Researchers
[00:11:02] macOS Vulnerability "powerdir" could lead to unauthorized user data access
[00:17:17] Arbitrary POST request as victim user from HTML injection in Jupyter notebooks
[00:21:44] [Glovo] Integer overflow vulnerability
[00:25:11] Stealing Google Drive OAuth tokens from Dropbox
[00:29:46] Privileged pod escalations in Kubernetes and GKE
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/yanking-rubygems-big-ip-auth-bypass-and-a-priceline-account-takeover.html
A lot of cool little bugs this week with some solid impact: Facebook and Priceline account takeovers, F5 iControl Authentication Bypass, and a couple of other logic bugs.
[00:01:55] rubygems CVE-2022-29176 explained
[00:06:09] Multiple bugs chained to takeover Facebook Accounts which uses Gmail
[00:15:16] [curl] curl removes wrong file on error [CVE-2022-27778]
[00:18:33] [Priceline] Account takeover via Google OneTap
[00:22:14] F5 iControl REST Endpoint Authentication Bypass Technical Deep Dive
[00:29:02] The Underrated Bugs, Clickjacking, CSS Injection, Drag-Drop XSS, Cookie Bomb, Login+Logout CSRF…
[00:30:20] Hunting evasive vulnerabilities
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/pwn2owning-routers-and-anker-eufy-bugs.html
Just a few vulnerabilities this week, but we have some CodeQL discussion, as it's used to find several vulnerabilities in the Accel-PPP VPN server, and a look at a bug submitted to Pwn2Own 2021.
[00:00:33] Spot the Vuln - Is It Clear
[00:05:13] Anker Eufy Homebase 2 libxm_av.so DemuxCmdInBuffer buffer overflow vulnerability
[00:08:18] Hunting bugs in Accel-PPP with CodeQL
[00:15:53] Competing in Pwn2Own 2021 Austin: Icarus at the Zenith
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/cloudflare-pages-hacking-a-bank-and-attacking-price-oracles.html
Some interesting vulnerabilities this week, from a Cloudflare Pages container escape chain, to hacking a bank's web application with some neat tricks to abuse a file-write in a hardened environment, and even another dumb smart-contract bug.
[00:00:23] Cloudflare Pages, part 1: The fellowship of the secret
[00:10:07] Ruby on Rails - Possible XSS Vulnerability in ActionView tag helpers [CVE-2022-27777]
[00:15:01] Hacking a Bank by Finding a 0day in DotCMS
[00:22:23] Aave V3’s Price Oracle Manipulation Vulnerability
[00:33:53] [Reddit] Able to bypass email verification and change email to any other user email
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/nimbuspwn-a-clfs-vulnerability-and-dataflow.html
A few vulnerabilities from a TOCTOU to an arbitrary free, and some research into using data-flow in your fuzzing.
[00:00:18] Spot the Vuln - Where's it At?
[00:03:44] Nimbuspwn - A Linux Elevation of Privilege
[00:08:38] Windows Common Log File System (CLFS) Logical-Error Vulnerability [CVE-2022-24521]
[00:15:32] Arbitrary Free in Accusoft ImageGear ioca_mys_rgb_allocate
[00:25:31] Commit Level Vulnerability Dataset
[00:28:44] DatAFLow - Towards a Data-Flow-Guided Fuzzer
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/xss-for-nfts-a-vmware-workspace-one-uem-ssrf-and-gitlab-ci-container-escape.html
Some straightforward bugs this week with some interesting discussion around cryptographic protocols (VMWare Workspace), XSS in the Web3 world, and whether container escapes into a low-privileged VM matter, along with a couple of noteworthy test cases to keep in mind while bug hunting.
[00:00:35] Wormable Cross-Site Scripting Vulnerability affecting Rarible’s NFT Marketplace
[00:09:14] Encrypting our way to SSRF in VMWare Workspace One UEM [CVE-2021-22054]
[00:14:29] How I Bypass 2FA while Resetting Password
[00:16:41] Container escape on public GitLab CI Runners
[00:30:39] [Nextcloud] Bypass the protection lock in Android app
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/getting-into-vulnerability-research-and-a-fuse-use-after-free.html
We are joined by Cts for a discussion about getting into vulnerability research and some thoughts about the higher-level bug hunting process, then a look at some black-box fuzzing of MS Defender for IoT and a FUSE use-after-free.
[00:00:44] Spot the Vuln - What do I need?
[00:03:11] Discussion: Getting into Vulnerability Research
[00:39:43] Inside the Black Box - How We Fuzzed Microsoft Defender for IoT and Found Multiple Vulnerabilities
[00:43:25] FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes
[00:46:51] FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/a-struts-rce-broken-java-ecdsa-psychic-signatures-and-a-bad-log4shell-fix.html
An interesting mix of issues, from crypto (Psychic Signatures), to a bad vulnerability patching service (patching log4shell), and bad logic leading to authentication bypasses and leaks of sensitive keys.
[00:00:24] Psychic Signatures in Java [CVE-2022-21449]
[00:15:09] AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation
[00:18:33] Bypass Apple Corp SSO on Apple Admin Panel
[00:21:55] Exploiting Struts RCE on 2.5.26
[00:27:46] bluez: malicious USB devices can steal Bluetooth link keys over HCI using fake BD_ADDR
[00:31:20] New XSS vectors
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/another-ios-bug-and-edge-chakra-exploitation.html
A massive 11,000 byte overflow in WatchGuard, some discussion about lock-related vulnerabilities and analysis, and a look at a ChakraCore exploit dealing with all the mitigations (ASLR, DEP, CFG, ACG, CIG).
[00:00:32] Spot the Vuln - The Global Query
[00:05:04] Diving Deeper into WatchGuard Pre-Auth RCE [CVE-2022-26318]
[00:09:42] HTTP Protocol Stack Remote Code Execution Vulnerability [CVE-2022-21907]
[00:18:21] iOS in-the-wild vulnerability in vouchers [CVE-2021-1782]
[00:37:06] Microsoft Edge Type Confusion Vulnerability (Part 2) [CVE-2019-0567]
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/taking-over-an-internal-aws-service-and-an-interesting-xss-vector.html
Short episode this week, looking at some relatively simple vulnerabilities ranging from XSS to leaking internal service credentials in AWS Relational Database Service by disabling validation.
[00:00:40] Git security vulnerability announced
[00:06:37] AWS RDS Vulnerability Leads to AWS Internal Service Credentials
[00:14:04] Privilege Escalation to SYSTEM in AWS VPN Client [CVE-2022-25165]
[00:18:37] Copy-paste XSS in vditor text editor [CVE-2021-32855]
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/a-subtle-ios-parsing-bug-and-a-php-use-after-free.html
We dive into an ASN.1 parsing bug impacting iOS, and a PHP use-after-free to bypass disabled functions, ending the week with a discussion about whether or not it's too late to get into this area of security.
[00:00:29] Spot the Vuln - One HMAC at a Time
[00:03:19] CVE-2021-30737, @xerub's 2021 iOS ASN.1 Vulnerability
[00:19:03] In the land of PHP you will always be (use-after-)free
[00:30:13] security things in Linux v5.10
[00:36:16] Discussion: Is It too late to get into "cyber security"
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/a-double-edged-ssrf-pritunl-vpn-lpe-and-a-nodebb-vuln.html
Quick bounty episode this week with some request smuggling, abusing an SSRF for client-side impact, a weird OAuth flow, and a desktop VPN client LPE.
[00:00:28] HTTP Request Smuggling on business.apple.com and Others.
[00:06:25] Exploiting a double-edged SSRF for server and client-side impact
[00:14:47] Local Privilege Escalation in Pritunl VPN Client [CVE-2022-25372]
[00:20:27] A NodeBB 0-day
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/forcedentry-sandbox-escape-and-netfilter-bugs.html
More information about the FORCEDENTRY exploit chain, and some Linux exploitation with a couple netfilter bugs. Ending the episode with some discussion about exploiting blind kernel read primitives from Microsoft.
[00:00:28] Spot the Vuln - Adding Entropy
[00:02:56] FORCEDENTRY: Sandbox Escape
[00:15:21] How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables
[00:32:38] Exploring a New Class of Kernel Exploit Primitive
[00:40:18] BlueHat IL Videos are up
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/spring4shell-pear-bugs-and-gitlab-hardcoded-passwords.html
This week we have some fun with some bugs that really shouldn't have passed code review. We of course talk about Spring4Shell/SpringShell and dive into the decade-long history of that bug, plus a bit of discussion about triaging more subtle bugs.
[00:00:29] [Stripe] CSRF token validation system is disabled
[00:09:42] GitLab Account Takeover with Hardcoded Password
[00:21:22] Spring4Shell: Security Analysis of the latest Java RCE '0-day' vulnerabilities in Spring
[00:37:49] PHP Supply Chain Attack on PEAR
[00:52:16] Finding bugs that doesn’t exists
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/pwning-wd-nas-netgear-routers-and-overflowing-kernel-pages.html
Plenty of exploit strategy talk this week with vulnerabilities and complete exploits targeting a NAS, a router, and a Linux Kernel module with a page-level overflow.
[00:00:26] Spot the Vuln - Normalized Regex
[00:01:52] Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)
[00:07:10] Defeating the Netgear R6700v3
[00:18:36] Exploit esp6 modules in Linux kernel [CVE-2022-27666]
[00:27:17] Racing against the clock -- hitting a tiny kernel race window
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/gitlab-arbitrary-file-read-and-bypassing-php-s-filter-var.html
Some easy vulnerabilities this week: a directory traversal due to a bad regex, a simple yet somewhat mysterious authentication bypass, arbitrary file read in GitLab thanks to archives with symlinks, and a PHP filter_var bypass.
[00:00:25] elFinder: The story of a repwning
[00:11:56] Authentication bypass using root array
[00:17:04] [GitLab] Arbitrary file read via the bulk imports UploadsPipeline
[00:19:54] PHP filter_var shenanigans
[00:30:26] Quick Thoughts on Finding a Mentor