GRIMM Cyber

Maritime CyberThreats

Hacking Floaty Things In July 2019 the U.S. Coast Guard issued a safety alert https://www.cyberscoop.com/coast-guard-significant-malware-attack/ https://www.dco.uscg.mil/Portals/9/DCO%20Documents/5p/CG-5PC/INV/Alerts/0619.pdf urging civilian mariners to get their cyber-poop in a group, encouraging the most basic of cyber-opsec on ships and supporting computer systems. Apparently a large international freighter ship heading for New York and New Jersey experienced “degraded” computer systems […]

Maritime CyberThreats Read More »

Analyzing SUID Binaries

Uncategorized / By GRIMM Cyber

In our spare time, we hunt for bugs in various pieces of software. Thus, when winding down from a project recently, we decided it might be fun to audit one of our own laptops to see if we can locate a local privilege escalation (LPE) vulnerability in the software we use every day. This blog

Analyzing SUID Binaries Read More »

Analyzing the Linux Kernel in Userland with AFL and KLEE

Uncategorized / By GRIMM Cyber

At GRIMM we do a lot of vulnerability research and one of our favorite techniques for finding bugs in software is to repurpose or extend security tools from one area of research to another. One great example of this is when Juwei Lin and Lilang Wu ported syzkaller, the popular Linux kernel fuzzer, to macOS. Their research undercovered

Analyzing the Linux Kernel in Userland with AFL and KLEE Read More »

Power Architecture Research Collaboration

Uncategorized / By GRIMM Cyber

The National Motor Freight Traffic Association, Inc. (NMFTA), NXP® Semiconductors and GRIMM, a cybersecurity research firm, recently partnered to conduct an R&D project focused on Power Architecture®, also known as PowerPC®, a technology commonly found in automotive ECUs, to determine its cyber security impact on the heavy vehicle industry. NMFTA commissioned the research project to deliver an open-source software

Power Architecture Research Collaboration Read More »

IOT is even more of a risk than you thought

Uncategorized / By GRIMM Cyber

GRIMM purchased a GeoVision camera that arrived off-the-shelf with security vulnerabilities like most consumer IOT devices. The camera is a stand-in for any IOT device in a residential, industrial, or enterprise environment. The team demonstrated through a practical hands-on-exercise at HackNYC, RSA, Hack the Capitol, and multiple BSides where participants learn how to use a publically available exploit to compromise an emulated

IOT is even more of a risk than you thought Read More »

Know Your Enemy: Botnet Command and Control Architectures

Uncategorized / By GRIMM Cyber

What would you do if your company’s IT devices were discovered to be part of a botnet? In October 2018, dozens of companies’ Hadoop servers were found to be compromised and participating in a self-replicating botnet. The botnet’s malware was able to install itself via a vulnerability in Hadoop that had been publicly known for

Know Your Enemy: Botnet Command and Control Architectures Read More »

SCYTHE Goes Atomic

Uncategorized / By GRIMM Cyber

The SCYTHE team is excited to announce that our latest release gives you the power of Atomic Red Team with all the automation and ease of use of the SCYTHE platform. Plus, you can now create and share your own SCYTHE threats allowing the ecosystem of adversary simulation to expand via the community! What’s new in version 2.4? Signature

SCYTHE Goes Atomic Read More »

Modern Authentication Bypasses

Uncategorized / By GRIMM Cyber

Introduction *hacker voice* “I’m in” is a Hollywood-esque phrase you’ve probably heard before. But how does someone actually do that? Do you wear a hoodie and change your terminal text to bright green? You could, but that won’t be of much help. Bypassing authentication is when an attacker gains access to an application, service, or

Modern Authentication Bypasses Read More »

Five Cybersecurity Questions for Boards or Investors

Uncategorized / By GRIMM Cyber

Boards of Directors and investors do not need to be technical experts to oversee or discover cybersecurity risk in organizations. They do, however, need to ask probing questions to ascertain the maturity level of, and fundamental challenges within, the way organizations understand and manage cybersecurity risk. In our interactions with Executive Board of Directors, Venture

Five Cybersecurity Questions for Boards or Investors Read More »

The Purple Team – Organization or Exercise

Uncategorized / By GRIMM Cyber

As the cybersecurity industry continues to evolve, the use of certain terminology is changing and becoming more prevalent; such as the increased mention of Red Teams and Blue Teams inside boardrooms and IT departments. With the use of these terms, it is also means their definitions can be broad or confusing, sometimes becoming interchangeable with

The Purple Team – Organization or Exercise Read More »

ICS/OT Virtual Class (June 5-6)

Defensive Embedded AutoSec (Aug 28 - Sep 1)

Shop exclusive GRIMM swag!

Talk to GRIMM about your Enterprise

Talk to GRIMM about your Enterprise

Talk to GRIMM about your Enterprise

Talk to GRIMM about your Enterprise

Talk to GRIMM about your Enterprise

Talk to GRIMM about your Enterprise

Talk to GRIMM about your Enterprise

Talk to GRIMM about your Enterprise

Maritime CyberThreats

Analyzing SUID Binaries

Analyzing the Linux Kernel in Userland with AFL and KLEE

Power Architecture Research Collaboration

IOT is even more of a risk than you thought

Know Your Enemy: Botnet Command and Control Architectures

SCYTHE Goes Atomic

Modern Authentication Bypasses

Five Cybersecurity Questions for Boards or Investors

The Purple Team – Organization or Exercise