We see that one of our vulnerabilities is exploited in the wild Link. So we decided to public the detail analysis of our two bug chains. Any customer has enough information to mitigate these bugs. The vendor also released all patches a week ago. This blog post shares the detail

Proof-of-concept exploit code has been released online for two actively exploited and high-severity vulnerabilities in Microsoft Exchange, collectively known as ProxyNotShell.

WeightBufs is a kernel r/w exploit for all Apple devices with Neural Engine support. Bugs and Exploit by @simo36, you can read my presentation slides at POC for more details about the vulnerabilities and the exploitation techniques.

There are many security solutions available today that rely on the Extended Berkeley Packet Filter (eBPF) features of the Linux kernel to monitor kernel functions. Such a paradigm shift in the latest monitoring technologies is being driven by a variety of reasons

Netfilter is a framework in the Linux kernel for implementing various networking-related tasks with user-defined handlers. Netfilter provides various functions for packet filtering, network address translation and port translation, and packet logging. Netfilter represents a set of hooks that allow other kernel modules to register callback functions in the kernel’s networking stack.

At Grapl we believe that in order to build the best defensive system we need to deeply understand attacker behaviors. As part of that goal we're investing in offensive security research. Keep up with our blog for new research on high risk vulnerabilities, exploitation, and advanced threat tactics.

This post details the development of a guest-to-host virtualization escape for Parallels Desktop on macOS, as used in our successful Pwn2Own 2021 entry. Give...

On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks BHI (or Spectre-BHB) is a revival of cross-privilege Spectre-v2 attacks on modern systems deploying in-hardware defenses. And we have a very neat end-to-end exploit leaking arbitrary kernel memory on modern Intel CPUs to prove it (PoC||GTFO right?).

Netfilter is a framework in the Linux kernel for implementing various networking-related tasks with user-defined handlers. Netfilter provides various functions for packet filtering, network address translation and port translation, and packet logging. Netfilter represents a set of hooks that allow other kernel modules to register callback functions in the kernel’s networking stack.

At Grapl we believe that in order to build the best defensive system we need to deeply understand attacker behaviors. As part of that goal we're investing in offensive security research. Keep up with our blog for new research on high risk vulnerabilities, exploitation, and advanced threat tactics.

This post details the development of a guest-to-host virtualization escape for Parallels Desktop on macOS, as used in our successful Pwn2Own 2021 entry. Give...

On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks BHI (or Spectre-BHB) is a revival of cross-privilege Spectre-v2 attacks on modern systems deploying in-hardware defenses. And we have a very neat end-to-end exploit leaking arbitrary kernel memory on modern Intel CPUs to prove it (PoC||GTFO right?).