28 May 2019 Show Notes 11 - Offsec's OSWE/AWAE, Massive Security failures, and a handful of cool attacks 00:02:05 Thoughts on the Advanced Web Attacks and Exploitation (AWAE) Course, and the Offensive Security Web Expert (OSWE) certification 00:32:00 r/AskNetsec - New windows LPE from non-admin :) - From SandboxEscaper 00:45:02 First American Financial Corp. compromise 00:53:04 Google admits storing G Suite user passwords in plain text for 14 years 01:02:02 Safety vs. Security: Attacking Avionic Systems with Humans in the Loop 01:17:03 Malware Guard Extension: Using SGX to Conceal Cache Attacks 01:25:00 Biometric Backdoors: A Poisoning Attack Against Unsupervised Template Updates 01:36:04 MemoryRanger Prevents Hijacking FILE_OBJECT Structures in Windows 01:46:05 Hey Google, What Exactly Do Your Security Patches Tell Us?A Large-Scale Empirical Study on Android Patched Vulnerabilities 02:03:03 MAC OSX Gatekeeper Bypass 02:10:04 RCE Without Native Code: Exploitation of a Write-What-Where in Internet Explorer