logo
episode-header-image
Apr 2021
21m 41s

These New WhatsApp Vulnerabilities Can L...

Hussein Nasser
About this episode
Few vulnerabilities in WhatsApp for Andriod discovered that allow an attacker to send an HTML file attachment full access to the user's media, voice notes, pictures, and eventually chat messages (through TLS session resumption keys). In this video, we will discuss the scope of this attack. The vulnerabilities have been patched by facebook. Full article from CENSUS labs discussing in detail how to carry POC attack.  https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/ --- Support this podcast: https://anchor.fm/hnasr/support
Up next
Jun 13
kTLS - Kernel level TLS
Fundamentals of Operating Systems Course https://oscourse.winktls is brilliant.TLS encryption/decryption often happens in userland. While TCP lives in the kernel. With ktls, userland can hand the keys to the kernel and the kernel does crypto. When calling write, the kernel encryp ... Show More
22m 55s
May 9
The beauty of the CPU
If you are bored of contemporary topics of AI and need a breather, I invite you to join me to explore a mundane, fundamental and earthy topic.The CPU.A reading of my substack article https://hnasr.substack.com/p/the-beauty-of-the-cpu 
9m 38s
Apr 18
Sequential Scans in Postgres just got faster
This new PostgreSQL 17 feature is game changer. They know can combine IOs when performing sequential scan. Grab my database coursehttps://courses.husseinnasser.com 
27m 36s
Recommended Episodes
Apr 2020
JavaScript Vulnerabilities with Tim Kadlec - The State of the Web
(Originally aired on YouTube on May 30, 2018) Rick and Tim talk about how insecure much of the web really is, the various vulnerabilities in web security that can leave you open to attack, the challenge of making your organization aware of these risks, and how they could be explo ... Show More
12m 32s
Oct 2023
Episode 39: The Art of Architectures
Episode 39: In this episode of Critical Thinking - Bug Bounty Podcast, We're catching up on news, including new override updates from Chrome, GPT-4, SAML presentations, and even a shoutout from Live Overflow! Then we get busy laying the groundwork on a discussion of web architect ... Show More
1h 21m
Mar 2024
Episode 64: .NET Remoting, CDN Attack Surface, and Recon vs Main App
Episode 64: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Justin and Joel delve into .NET remoting and how it can be exploited, a recent bypass in the Dom Purify library and some interesting functionality in the Cloudflare CDN-CGI endpoint. They also tou ... Show More
1h 8m
Feb 2023
Episode 8: PostMessage Bugs, CSS Injection, and Bug Drops
Episode 8: In this episode of Critical Thinking - Bug Bounty Podcast we drop some critical bugs which leak raw credit card info. We also discuss some CSS Injection & PostMessage related techniques. It's a short one but a good one! Don't miss it!Follow us on twitter at: @ctbbpodca ... Show More
35m 57s
May 2024
OpenAI's HUGE ChatGPT Announcement - Spring Update
In this episode, we delve into OpenAI's significant spring update for ChatGPT, exploring the enhancements and new features introduced. We'll dissect how these updates could influence user interactions and the broader implications for AI communication technologies. Get on ... Show More
9m 41s
Jan 2021
Will Signal Dethrone WhatsApp as the Messenger App of Choice? (11.01.21)
After WhatsApp announced some major changes to its privacy policy, Elon Musk – the world’s richest man – urged his followers to take their messaging elsewhere. In this episode, we discuss WhatsApp’s latest changes in privacy and walk you through the features of the application, S ... Show More
30m 19s
Jan 2020
WhatsApp
We kick off Season 6 with a long-awaited Acquired Classic: Facebook’s $22B purchase of WhatsApp in 2014, which still ranks as the largest acquisition of a private VC-backed startup in history. Yet despite that enormous pricetag and all its associated fanfare, as we sit here 5+ ye ... Show More
1h 51m
Mar 2024
Reddit IPO User Focus, Musk Open Source xAI, Telegram Messaging Rise
In today's episode: Reddit goes public: Reddit, the popular online discussion platform, has filed for an initial public offering (IPO) to become a publicly traded company. Grok will open source: Grok, an artificial intelligence startup, announced plans to launch an open plat ... Show More
4m 48s