Compromises, Challenge Design, and 0days

Watch the DAY[0] podcast live on Twitch every Monday afternoon at 12:00pm PST (3:00pm EST) -- https://www.twitch.tv/dayzerosec

[00:00:37] - Huawei Cyber Security Evaluation Report

[00:14:22] - Assange Arrest

[00:24:55] - Matrix Compromise

[00:32:20] - Outlook Compromise

[00:43:39] - Ghidra Source Release

[00:49:18] - Relyze 3 Beta (Another Free Decompiler)

[00:56:30] - Fracker (New PHP Tool)

[01:01:11] - Discussion about EncryptCTF and challenge design

[01:25:24] - Dragonblood/WPA3 Vulnerabilities

[01:32:21] - CVE-2019-0211 Apache Root Privilege Escalation

[01:41:27] - Detailing of CVE-2019-1636 and CVE-2019-6739 in QT

[01:49:47] - Splitting Atoms in XNU

[02:06:39] - PostgreSQL is it a CVE?

[02:11:41] - RELOAD+REFRESH: Abusing Cache Replacement Policies to Perform Stealthy Cache Attacks

[02:26:45] - The ROP Needle: Hiding Trigger-based Injection Vectors via Code Reuse

[02:29:30] - Assessing Unikernel Security