Defcon is canceled, Microsoft was hacked, Rust has vulns

Update: While we talk about Huawei Kernel Self Protection (HKSP) I make mention of the authors statement that he is unrelated to Huawei. Turns out this statement, despite a commit date of Friday wasn't pushed until Monday morning so it was not original. Further information has also come out showing that the author is a Huawei employee, so the relationship is much closer than I believe it to be. ~zi

It was a busy week, Microsofts Github account was hacked, Centurylink Routers have no security, and multiple interactionless RCEs in Samsung phones.

• [00:01:45] OpenOrbis PS4 Toolchain
  
• [00:05:06] DEF CON 28 in-person conference is CANCELLED
  
• [00:13:23] The Nintendo leak saga continues...
  
• [00:18:40] Keybase joins Zoom
  
  • https://www.bleepingcomputer.com/news/security/microsofts-github-account-hacked-private-repositories-stolen/
• [00:33:41] Azure Security Lab - Research Challenge
  
• [00:42:38] Hijacking Centurylink Routers [CVE 2019-19639]
  
• [00:46:24] DoS on Twitter App
  
• [00:51:39] A tale of verbose error message and a JWT token
  
• [01:00:29] Pentesting Cisco SD-WAN Part 2: Breaking routers
  
• [01:04:21] Memory leak and Use After Free in Squid
  
• [01:17:48] How a Deceptive Assert Caused a Critical Windows Kernel Vulnerability
  
• [01:28:30] Samsung Android multiple interactionless RCE
  
  • https://github.com/googleprojectzero/SkCodecFuzzer
• [01:38:25] Linux futex+VFS Use-After-Free
  
• [01:45:03] Huawei HKSP Introduces Trivially Exploitable Vulnerability
  
• [01:50:32] Ragnarok Stopper: development of a vaccine
  
• [01:55:51] Understanding Memory and Thread Safety Practices and Issues in Real-World Rust Programs
  
• [02:09:34] Analyzing a Trio of Remote Code Execution Bugs in Intel Wireless Adapters
  
• [02:10:19] GitHub - JHUAPL/Beat-the-Machine: Reverse engineering basics in puzzle form