GRIMM Cyber


Does ChatGPT Change Infosec?

Author: Sylvia Killinen | Security Engineer | GRIMM

It’s been widely commented that ChatGPT generates bullshit. That isn’t a pejorative phrase but rather a term of art, as in Herbert’s “On Bullshit,” which defines it as speech intended to persuade, regardless of its truth value. Bullshit is distinguished from lying by a lack of intent […]


6 Cybersecurity predictions for 2023

The world is rapidly changing, and with it, so is how we approach and protect ourselves from cybersecurity threats. With the increasing sophistication of threat actors, and the ever-growing number of connected devices, the need for advanced security measures is more significant than ever. As you optimize your cybersecurity resilience priorities for the year ahead,



Professional evil: a glimpse into the tactics and motivations of malicious threat actors

There are plenty of articles detailing the uses of patience, creativity, and above all, learning from your failures. Those are all requirements for excelling in any technical field. Instead of rehashing that baseline, let’s take a look at how a threat actor might stage attacks to create the most extensive damage, regardless of the target.  


Why You Should Care About Infrastructure Security Month

November is Critical Infrastructure Security & Resilience Month, a nationwide effort to raise awareness and reaffirm the commitment to keep our nation’s critical infrastructure secure and resilient. This year’s theme is Infrastructure Security is National Security: Together We Can Drive Down Risk, Build Resilience, which covers the spectrum of infrastructure security.  So, why should you



The power of public-private partnerships

By: Jennifer Tisdale

Public-Private Partnerships (P3) are often thought of in terms of large-scale, long-term relationships between a government agency and a private business, in which the private business provides a service or an asset to the government while also carrying the burden of financial risk. This commonly occurs in terms of real estate when



Ask me anything: what is ransomware?

What is “ransomware”? This came up a couple of times for me this morning, so I thought there might be folks who would benefit from an answer. Specifically, an answer unrelated to selling a ransomware product or service. The term “ransomware” describes the tools, tactics, techniques, and procedures (TTPs) utilized maliciously to either cryptologically prevent



No Hardware, No Problem: Emulation and Exploitation

Vulnerability Hunting for Sport

If you’ve been following our blog, you might notice some favoritism when it comes to embedded targets… We’ve been exploring the NETGEAR R7000 for several blog posts. This pattern stems from a number of product characteristics, one of which is that the device is easy to emulate in QEMU, which provides an alternative to testing the


Cyber-physical ranges built by GRIMM experts are used to demonstrate attacks on critical infrastructure in real-time.

Connecting the Dots for Connected Security

By: Naki Carter

It is undeniable that organizations, government agencies, and critical infrastructure providers face evolving cyber threats with increased volume and complexity. Securing your organization’s information and assets requires the right amount of effort focused on appropriate areas.

Cyber-Physical Systems Security

According to the National Institute for Standards and Technology (NIST), “Cyber-Physical Systems (CPS)


Seamlessly Discovering Netgear Universal Plug-and-Pwn (UPnP) 0-days

Introduction

A Vulnerability Researcher’s Favorite Stress Relief

Continuing in our series of research findings involving Netgear products, this blog post describes a pre-authentication vulnerability in Netgear SOHO Devices that can lead to Remote Code Execution (RCE) as root. While our previous research investigated the Netgear web server and update daemons, the issues described in this blog revolve
