Offensive Security's OSWE/AWAE, Massive Security failures, and a handful of cool attacks

This will be our last episode until the fall, but once we are back you can catch the DAY[0] podcast on Twitch every Monday afternoon at 12:00pm PST (3:00pm EST) -- https://www.twitch.tv/dayzerosec

[00:00:50] This will be our last episode until the fall.

[00:02:50] Thoughts on the Advanced Web Attacks and Exploitation (AWAE) Course, and the Offensive Security Web Expert (OSWE) certification

[00:32:05] r/AskNetsec - New windows LPE from non-admin :) - From SandboxEscaper

[00:45:20] First American Financial Corp. compromise

[00:53:48] Google admits storing G Suite user passwords in plain text for 14 years

[01:02:27] Safety vs. Security: Attacking Avionic Systems with Humans in the Loop

[01:17:30] Malware Guard Extension: Using SGX to Conceal Cache Attacks

[01:25:04] Biometric Backdoors: A Poisoning Attack Against Unsupervised Template Updates

[01:36:45] MemoryRanger Prevents Hijacking FILE_OBJECT Structures in Windows

[01:46:59] Hey Google, What Exactly Do Your Security Patches Tell Us?A Large-Scale Empirical Study on Android Patched Vulnerabilities

[02:03:35] MAC OSX Gatekeeper Bypass

[02:10:47] RCE Without Native Code: Exploitation of a Write-What-Where in Internet Explorer