Jun 2021

9m 8s

Microsoft Paid them $20k for finding one...

About this episode

@MrRajputHacker @Th3Pr0xyB0y found critical universal XSS (an XSS that affects the entire browser, not just one page) on Microsoft Edge. They responsibly reported the bug and detailed it in their article. Let us discuss

Resources

https://cyberxplore.medium.com/how-we-are-able-to-hack-any-company-by-sending-message-including-facebook-google-microsoft-b7773626e447

https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34506

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34475

Support my work on PayPal

https://bit.ly/33ENps4

Become a Member on YouTube

https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

🧑‍🏫 Courses I Teach

https://husseinnasser.com/courses

Up next

Nov 24

CPU and Kernel Page Faults

Page faults occurs when the process tries to access a memory that isn’t backed by a physical page kernel raises a fault which loads a page. It happens on first access, stack expansion, COW, swap and much more. However it comes with a cost. In this episode o ... Show More

48m 37s

Oct 31

Amazon US-EAST-1 Outage in Details

On October 19 2025 AWS experienced an outage that lasted over a day, 10 days later we finally got the root cause analysis and we know exactly what caused the DNS to fail0:00 Summary 5:30 How did Dynamo lost its DNS?13:41 EC2 Errors 16:16 Network Load Balancer ErrorsRCA here https ... Show More

24m 26s

Oct 17

Graceful shutdown in HTTP

There are cases where the backend may need to close the connection to prevent unexpected situations, prevent bad actors or simply just free up resources. Closing a connection gracefully allows clients and backends to clean up and finish any pending requests. In this episode of th ... Show More

25m 49s

Recommended Episodes

Mar 2023

Computer Talk 3-18-23 HR 1

Outlook has serious security issue, Tech support issues costing companies $5k per Employee with remote users being the most costly, Microsoft solved an activation issue for a user by supplying a cracked key, Wifi dongle worked, Chrome not working, new pc, Chromebook issue, My ... Show More

36m 27s

May 2024

SN 976: The 50 Gigabyte Privacy Bomb - Google AI Workarounds, Microsoft Recall

The bigger problem with AI Overview https://udm14.com/ -and- https://tenbluelinks.org/ The horses have left the barn VPNs and Firewalls Email @ GRC Extension to fix Google search Passwords and SPAM Fixing motherboard components Vertical tabs in Firefox FritzBox routers Too many P ... Show More

2h 13m

Mar 2024

Episode 64: .NET Remoting, CDN Attack Surface, and Recon vs Main App

Episode 64: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Justin and Joel delve into .NET remoting and how it can be exploited, a recent bypass in the Dom Purify library and some interesting functionality in the Cloudflare CDN-CGI endpoint. They also tou ... Show More

1h 8m

Mar 2022

Enabling performance-centric engineering orgs (JS Party #216)

This week Amal and Nick are joined by Dan Shappir, a Performance Tech Lead at Next Insurance, to learn about enabling a performance-first mindset within your engineering org. Dan recently left his 7+ year tenure leading performance at Wix where he and his team improved, and m ... Show More

1h 13m

Apr 2020

JavaScript Vulnerabilities with Tim Kadlec - The State of the Web

(Originally aired on YouTube on May 30, 2018) Rick and Tim talk about how insecure much of the web really is, the various vulnerabilities in web security that can leave you open to attack, the challe ... Show More

12m 32s

Oct 2023

Episode 39: The Art of Architectures

Episode 39: In this episode of Critical Thinking - Bug Bounty Podcast, We're catching up on news, including new override updates from Chrome, GPT-4, SAML presentations, and even a shoutout from Live Overflow! Then we get busy laying the groundwork on a discussion of web architect ... Show More

1h 21m

Jul 2021

Des produits Microsoft plus facilement réparable grâce… aux actionnaires ?

Si l'on ne parle pas souvent de Microsoft dans Tech Verte, c'est tout simplement que l'entreprise n'a pas d'actualité importante. Ceci-dit, l’arrivée de Windows 11 a complètement modifié l’équation. Microsoft est aujourd’hui l’une des marques les plus discutées sur internet, en p ... Show More

2m 8s

Mar 2023

A glimpse into Mr. Putin’s cyber war room. 3CXDesktopAppsupply chain risk. XSS flaw in Azure SFX can lead to remote code execution. AlienFox targets misconfigured servers.

The Vulkan papers offer a glimpse into Mr. Putin’s cyber war room. The 3CXDesktopApp vulnerability and supply chain risk. A cross site scripting flaw in Azure Service Fabric Explorer can lead to remote code execution. Rob Boyce from Accenture Security on threats toEV charging sta ... Show More

28m 21s

Listen to millions of songs and podcasts on Anghami