ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "[binary] Zynq-7000 Secure Boot Bypass and Compiler-Created Bugs"
Episode Synopsis
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/zynq-7000-secure-boot-bypass-and-compiler-created-bugs.html
Just one vulnerability this week, a secure boot bypass, and some research into detecting compiler introduced bugs. Ending the week with a discussion about how to learn fuzzing.
[00:00:58] Spot the Vuln - All Inclusive HMAC
[00:03:47] Zynq-7000 Secure Boot Bypass [CVE-2021-44850]
[00:19:32] Cross-Architecture Testing for Compiler-Introduced Security Bugs
[00:35:02] Question: Learning to Fuzz
[01:03:00] tmp.0ut v2
The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week:
Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities
Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.
The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec
You can also join our discord: https://discord.gg/daTxTK9
Or follow us on Twitter (@dayzerosec) to know when new releases are coming.
Just one vulnerability this week, a secure boot bypass, and some research into detecting compiler introduced bugs. Ending the week with a discussion about how to learn fuzzing.
[00:00:58] Spot the Vuln - All Inclusive HMAC
[00:03:47] Zynq-7000 Secure Boot Bypass [CVE-2021-44850]
[00:19:32] Cross-Architecture Testing for Compiler-Introduced Security Bugs
[00:35:02] Question: Learning to Fuzz
[01:03:00] tmp.0ut v2
The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week:
Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities
Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.
The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec
You can also join our discord: https://discord.gg/daTxTK9
Or follow us on Twitter (@dayzerosec) to know when new releases are coming.
More episodes of the podcast Day[0]
Exploiting VS Code with Control Characters
12/05/2025
Pulling Gemini Secrets and Windows HVPT
16/04/2025
ESP32 Backdoor Drama and SAML Auth Bypasses
17/03/2025
In God we trust