Latest Posts
Linux Server Monitoring: a Brief Guide
Different Approaches to Linux Host and Process Monitoring In case you hadn’t heard, Linux is a big deal. Linux servers are used in the vast majority of production systems, the …
Between Two Kernels: Halvar Flake – E03
In Episode 3 Kelly chats with Halvar Flake, former Project Zero team member at Google and Co-Founder of optimyze. The two get philosophical about vendor tag lines, characterize his new …
Between Two Kernels: Allan Alford – E02
In Episode 2 of Between Two Kernels Kelly chats with CISO Allan Alford about being the most hated man in his organization, the three biggest mistakes of his life, and …
Between Two Kernels: Art Coviello
We’re excited to kick off a new video series with our VP of Product Strategy, Kelly Shortridge, titled “Between Two Kernels.” Kelly aims to conduct short, potentially awkward interviews with …
You Think That’s Air You’re Breathing?
What seemed lost in this (runc) hype is that the ability to escape containers is not confined to a one-off vulnerability in container management programs or orchestrators.
Kernel Configuration Glossary
In our post “Millions of Binaries Later: a Look Into Linux Hardening in the Wild”, we examined the security properties of different distributions. In the following, we provide a glossary …
Millions of Binaries Later: a Look Into Linux Hardening in the Wild
TL;DR In this post, we explore the adoption of Linux hardening schemes across five popular distributions by examining their out-of-the-box properties. For each distribution, we analyzed its default kernel configuration, …
Read of “Millions of Binaries Later: a Look Into Linux Hardening in the Wild”
UAFs in Linux Kernel Modules: CVE-2019-8912 & CVE-2019-8956
A researcher using syzkaller found a locally-exploitable bug in Linux’s crypto API, CVE-2019-8912, which allows for a use-after-free in sockfs_setattr. It’s received sudden buzz, probably because a bug in the …
Read of “UAFs in Linux Kernel Modules: CVE-2019-8912 & CVE-2019-8956”
Nested Guests: CVE-2019-7221
Earlier this month, twin KVM bugs found by Google’s Project Zero team were released publicly: CVE-2019-7221, a use-after-free vulnerability, and CVE-2019-7222, a memory leak that can assist exploitation of the …