Grapl Inc. (@graplsec)'s Twitter Profile
Grapl Inc.

@graplsec

Official account for Grapl - the open source graph based #DetectionAndResponse platform.

github.com/grapl-security…

ID: 1194705779053363201

Link: http://graplsecurity.com | Date: 13-11-2019 19:59:28

77 Tweet

1,1K Followers

71 Following

Grapl Inc. (@graplsec)

One year ago #SigRed (CVE-2020-1350) was patched. The RCE vulnerability allows an attacker to gain access as Domain Admin and own the entire network. Read our writeup on the first public exploit from our very own chompie! graplsecurity.com/post/anatomy-o…

Grapl Inc. (@graplsec)

#eBPF is a powerful #Linux capability for devs who want to run code in the kernel, but it also makes for great attack surface. In our blog, chompie digs into eBPF, explains how it works, and demonstrates a local privilege escalation exploit! graplsecurity.com/post/kernel-pw…

chompie (@chompie1337)

So excited to finally release my blog post- Kernel Pwning with eBPF: a Love Story. I cover eBPF, the verifier, debugging, exploitation, mitigations and other cool findings! I do root cause analysis and exploit CVE-2021-3490 for LPE with PoC included. graplsecurity.com/post/kernel-pw…

Andréa (@and_zza)

Could not be more excited to get this book from Snyk's #31DaysOfSecurity giveaway today! I'm blown away by how thoughtful this choice is! Can't wait to integrate what I learn into my work Grapl Inc.! So grateful!! What an excellent start to my week!

Rodrigo Branco (@bsdaemon)

This is an outstanding work. I've had the privilege to see Pawel Wieczorkiewicz work thru this research. The post has many references, excellent background info and offers a methodology that can be used for other experiments too (besides the cool finding!)

Grapl Inc. (@graplsec)

#io_uring is a new #Linux syscall interface, designed for performance. It redefines how apps interact with the kernel, even inside a #sandbox. In our blog, we cover the attack surface, find a vuln, and use advanced kernel exploit techniques to gain #root graplsecurity.com/post/iou-ring-…

chompie (@chompie1337)

Thrilled to share my new blog post: Put an io_uring on it: Exploiting the Linux kernel. Follow me while I learn a new kernel subsystem + its attack surface, find an 0day, build an exploit, + come up with some new tricks. I go deep and demystify the process graplsecurity.com/post/iou-ring-…

Buildkite (@buildkite)

You can now manage Buildkite-as-code using Pulumi 🔥 🙌 and 💚 to Grapl Inc. for sharing it with the world. You can get started with it here: pulumi.com/registry/packa…

Grapl Inc. (@graplsec)

Using code to describe your infrastructure unlocks a lot of expressive power, which is why we use Pulumi to automate our deployments. When we couldn't find providers for some of the services we use, we ended up making some. Learn how: graplsecurity.com/post/pulumi-pr…

Grapl Inc. (@graplsec)

Firecracker is a microVM manager in #Rust that powers #AWS services like Lambda and Fargate. It's also one of the key components of Grapl's multi-tenant isolation. A critical dependency deserves some red teaming - here's how we attacked AWS' Firecracker. graplsecurity.com/post/attacking…

Scott Piper (@0xdabbad00)

Great write-up by chompie into trying to exploit Firecracker and luckily it withstood the attempt. It's really impressive how much Grapl Inc. audits the security of the components they rely on, and appreciated they post even investigations like this that didn't find 0-day.

Mara (@m_ou_se)

🦀📕 All chapters of my book, Rust Atomics and Locks, are now freely available online: marabos.nl/atomics/ Enjoy! ✨