固定されたツイート
X/Twitter is mostly trash, unfortunately there's no good replacement. Can't even unpin old pins? So this is my new pin. Cool.
English
Aaron Grattafiori
19.9K posts
Aaron Grattafiori
@dyn___
Offensive Security / AI Red Teaming @ NVIDIA. Ex-GenAI and OffSec Red Teaming Lead at Meta. Ex-Principal Consultant and Researcher @ NCC Group.
Colorado 参加日 Mart 2014
2.4K フォロー中5.8K フォロワー
👀
Bold move to say we don’t know if Claude is conscious at the same time knowing people can steer convos and those same people make policy
Sen. Bernie Sanders@SenSanders
I spoke to Anthropic’s AI agent Claude about AI collecting massive amounts of personal data and how that information is being used to violate our privacy rights. What an AI agent says about the dangers of AI is shocking and should wake us up.
English
Was remembering this crazy 0-click iOS exploit chain:
GIF in iMessage → actually PDF with JBIG2 → integer overflow in JBIG2 decoding → Use logic to emulate computer architecture → sandbox escape → Pegasus malware
projectzero.google/2021/12/a-deep…
English
@HackingLZ @anton_chuvakin Yeah... I think these slop kiddies will be able to use open source and get somewhere, but in the same way a scanner or tool only takes you so far currently, eventually these will hit diminishing returns and the people will actual SKILLs, architecture and experience will remain 🤷♂️
English
I’m really interested in what happens as places take a lot of investment money to build commodity OffSec LLM backed products, even as the barrier to entry keeps dropping. You eventually end up with what actually matters novel research, deep domain expertise, and humans.
English
Aaron Grattafiori がリツイート
Vulnerability research with LLMs is certainly much easier nowadays from what I have observed. However, that doesn’t mean you will find critical 0-days simply by pointing an agent at the codebase of a target application.
That could work for small and simple applications, but not for applications with previously audited codebases.
As a researcher, you still need a solid methodology and clear objectives. You must define how the review should be performed and what the agent should be looking for.
The more knowledge you have about the codebase, the better instructions you can provide, which will definitely lead to more accurate analysis and more critical findings, or at least reveal attack paths worth investigating.
LLMs don’t replace researchers. They help the ones who already know what they are doing.
#offsec #cybersecurity #redteam
English
@HackingLZ Haha, Yeah you have to be careful with reward hacking and "manufacturing conditions" once you push models into a corner they're not as good at, especially using default "agents".
English
sigh
" You're right. Moving __free_hook into overflow range with --defsym and adding custom trampoline/command sections fundamentally changes the binary layout. That's not a real exploit — it's manufacturing an exploitable configuration that doesn't exist naturally."
English
Aaron Grattafiori がリツイート
Qualys keeping some real OG hackers on the payroll, always love reading their findings. Rest in peace to our friend Stealth, truly one of the greatest.
Saeed Abbasi@saeed4bbasi
🚨 Meet #CrackArmor. What happens when vulnerabilities are found in the very security module designed to protect your Linux system? I am incredibly proud to share the latest research from our team at the Qualys Threat Research Unit (TRU). We have uncovered CrackArmor: a set of 9 vulnerabilities in AppArmor, the default Linux Security Module protecting millions of Ubuntu, Debian, and SUSE systems. The TRU team discovered a fundamental "confused-deputy" flaw that allows any unprivileged local user to arbitrarily load, replace, or remove AppArmor profiles. But they didn't stop there. By creatively chaining this logic flaw, the team demonstrated multiple paths for Local Privilege Escalation (LPE) to full ROOT: 🔥 User-Space LPE: Weaponizing AppArmor to force a "fail-open" state in Sudo, leveraging Postfix for root access. (Note: Postfix is not installed by default on modern Ubuntu, and this Sudo issue was independently found and fixed by ZeroPath in Nov 2025.) 🔥Kernel-Space LPEs: Exploiting deeply buried memory corruption bugs (including a Use-After-Free and Double-Free) to achieve root despite modern kernel mitigations like CONFIG_RANDOM_KMALLOC_CACHES and CONFIG_SLAB_BUCKETS. 🔥 Namespace Bypass: A complete bypass of Ubuntu’s unprivileged user-namespace restrictions. ⚠️ Urgent Note for Defenders: Patches officially landed upstream in Linus’s tree today. However, due to the new Linux kernel assignment process, CVEs have not been assigned yet. Do not wait for a CVE ID to trigger your vulnerability scanners—start reviewing your patching strategy now! Qualys customers can use QID 386714 - AppArmor Local Privilege Escalation Vulnerability (CrackArmor), which was just released. 🙏Thank you to the Canonical, Debian, SUSE, and Linux Kernel security teams for their coordination. #CyberSecurity #Linux #AppArmor #CrackArmor #QualysTRU #InfoSec #KernelExploitation #ThreatResearch #Qualys blog.qualys.com/vulnerabilitie…
English
@nrathaus Even is so, there's still a LOT out there. The kinds of things that never get patched.
English
Remote Pre-Auth Buffer Overflow in GNU Inetutils telnetd...
"Any unauthenticated attacker with network access to port 23 can trigger the overflow with a single telnet connection and a crafted SLC suboption." 💀
lists.gnu.org/archive/html/b…
"Hold on to your butts..."
English
@_xpn_ Yep. Attackers can go as fast as possible and for some is reliable.
Defenders have telemetry lag, escalation lag, etc. Even if they're also using AI which can take actions, it needs to be extremely trusted depending on the disruptive risk tolerance. That's very difficult.
English
@dyn___ I honestly don’t think most are prepared for that. The “low and slow” will have their place, but from what I’m seeing, the raw speed of attacks coming is gonna be a game changer for everyone!
English
I’m genuinely excited for all the new things that people are discovering and releasing in the ML / Offensive security space. It feels like the early days of red teaming again 🤘
Brett Hawkins@h4wkst3r
LLMs have changed the way offensive security practitioners reason about problems and build offensive capabilities. @evan_pena2003 and I wrote how our @ArmadinSecurity red team approaches this in the new age of LLMs ⬇️ armadin.com/blog-posts/thi…
English
😬 yeah and it's gonna get worse...
Richard Seroter@rseroter
"For the first time since we began publishing the CTHR in 2021, we observed a tactical pivot by threat actors. They’re now targeting third-party software vulnerabilities more than weak or missing credentials as the primary initial access vector." cloud.google.com/blog/products/…
English
Aaron Grattafiori がリツイート
@0xTib3rius Yep. Which is kinda crazy given how much safety Anthropic tries to push...
English
Claude Code seemingly has little to no guardrails right now compared to Codex.
From getting it to run offensive security engagements on arbitrary endpoints, to asking it to code purposefully vulnerable web apps for training, it will often just go do it without a fuss. 🤯
English
This was likely found by AI. Credits go to DREAM Security research group.
dreamgroup.com
If so, everyone doubting what LLMs can do vuln finding wise is sleeping on the biggest change to security in a long, long time.
English
Network appliances with no ASLR...
Crappy home routers...
Oof.
English
Aaron Grattafiori がリツイート
We decided to revisit an old research problem with some new LLM powered tooling. Check out our latest blog post to see how we approached this research, and the new Java deserialization gadget chains it discovered in just two days! buff.ly/CeAQZ2B
English
@haroonmeer They're so ridiculous and disgusting. I have no idea who it's actually for other than some lowlifes with 35 IQ who think it's funny.
English
I’m curious if there are U.S friends/folks in my timeline who like these sortsa videos from the White House?
Would love to hear the case for… ?
The White House@WhiteHouse
UNDEFEATED.
English