We are (finally) talking about the recent OpenSSL vulnerability as we had to redo this EP. In our infinite podcasting wisdom, we took a stab at it roughly 2 hours before the embargo expired and coverage was released - which is obviously is a very silly idea in hindsight.
After we cover the current issue at hand, Lurene leads us through the surface levels of how vulns can be exploited in the heap or stack, and the different perspective and processes in practice by offensive security experts. If you want to walk away with a new view of vulns and exploits, stay for the whole hour.
Here is a great write up from DataDog on OpenSSL vulnerability CVE-2022-3602.