Breaking Pedersen Hashes in Practice The Pedersen hash function has gained popularity due to […] March 22, 2023
A Race to Report a TOCTOU: Analysis of a Bug Collision in Intel SMM About four months ago, in October 2022, I was idly poki […] March 14, 2023
Making New Connections – Leveraging Cisco AnyConnect Client to Drop and Run Payloads The Cisco AnyConnect client has received a fair amount […] March 1, 2023
Rustproofing Linux (Part 4/4 Shared Memory) This is a four part blog post series that starts with R […] February 16, 2023
Rustproofing Linux (Part 3/4 Integer Overflows) This is a four part blog post series that starts with R […] February 14, 2023
Rustproofing Linux (Part 2/4 Race Conditions) This is a four part blog post series that starts with R […] February 8, 2023
Rustproofing Linux (Part 1/4 Leaking Addresses) Rust is a programming language guaranteeing memory and […] February 6, 2023
Machine Learning 102: Attacking Facial Authentication with Poisoned Data This blog post is the second in a series related to mac […] February 3, 2023
Threat Modelling Cloud Platform Services by Example: Google Cloud Storage Introduction The consumption of cloud services has grow […] January 31, 2023
Using Semgrep with Jupyter Notebook files If you frequently deliver source code review assessment […] January 25, 2023
Announcing NCC Group’s Cryptopals Guided Tour: Set 2 Hello and welcome to NCC Group’s Cryptopals guided tour […] January 23, 2023
Technical Advisory – U-Boot – Unchecked Download Size and Direction in USB DFU (CVE-2022-2347) Vendor: DENX Software Engineering Vendor URL: https://w […] January 20, 2023
Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434) The Galaxy App Store is an alternative application stor […] January 20, 2023
Project Bishop: Clustering Web Pages Written by Jose Selvi and Thomas Atkinson If you are a […] January 19, 2023
Puckungfu: A NETGEAR WAN Command Injection Summary Vulnerability Details Overview Execution Flow / […] December 22, 2022
MeshyJSON: A TP-Link tdpServer JSON Stack Overflow Summary Target Binary tdpServer Architecture & Miti […] December 19, 2022
Machine Learning 101: The Integrity of Image (Mis)Classification? Professor Ron Rivest observed the close relationship be […] December 15, 2022
Public Report – VPN by Google One Security Assessment During the summer of 2022, Google engaged NCC Group to […] December 9, 2022
Public Report – Confidential Space Security Review During the summer of 2022, Google engaged NCC Group to […] December 6, 2022
Exploring Prompt Injection Attacks Have you ever heard about Prompt Injection Attacks[1]? […] December 5, 2022
So long and thanks for all the 0day After nearly four years into my role, I am stepping dow […] November 23, 2022
A jq255 Elliptic Curve Specification, and a Retrospective First things first: there is now a specification for th […] November 21, 2022
Technical Advisory – NXP i.MX SDP_READ_DISABLE Fuse Bypass (CVE-2022-45163) Vendor: NXP Semiconductors Vendor URL: https://www.nxp. […] November 17, 2022
Tool Release – Web3 Decoder Burp Suite Extension Web3 Decoder is a Burp Suite Extension that allows to d […] November 10, 2022
Tales of Windows detection opportunities for an implant framework The below are slides from a fifteen minute lightening t […] November 9, 2022
Check out our new Microcorruption challenges! New Microcorruption challenges created by Nick Galloway […] October 31, 2022
Toner Deaf – Printing your next persistence (Hexacon 2022) On Friday 14th of October 2022 Alex Plaskett (@alexjpla […] October 17, 2022
Technical Advisory – OpenJDK – Weak Parsing Logic in java.net.InetAddress and Related Classes Vendor: OpenJDK Project Vendor URL: https://openjdk.jav […] October 6, 2022
Public Report – IOV Labs powHSM Security Assessment In June 2022, IOV Labs engaged NCC Group to perform a r […] October 5, 2022
Shining New Light on an Old ROM Vulnerability: Secure Boot Bypass via DCD and CSF Tampering on NXP i.MX Devices NXP’s HABv4 API documentation references a now-mitigate […] October 3, 2022
A glimpse into the shadowy realm of a Chinese APT: detailed analysis of a ShadowPad intrusion Authors: William Backhouse (@Will0x04), Michael Mullen […] September 30, 2022
Detecting Mimikatz with Busylight In 2015 Raphael Mudge released an article [1] that deta […] September 30, 2022
Whitepaper – Project Triforce: Run AFL On Everything (2017) Six years ago, NCC Group researchers Tim Newsham and Je […] September 27, 2022
Tool Release – Project Kubescout: Adding Kubernetes Support to Scout Suite tl;dr You can now have Scout Suite scan not only your c […] September 22, 2022
Technical Advisory – Multiple Vulnerabilities in Juplink RX4-1800 WiFi Router (CVE-2022-37413, CVE-2022-37414) Juplink’s RX4-1800 WiFi router was found to have […] September 22, 2022
A Guide to Improving Security Through Infrastructure-as-Code Modern organizations evolved and took the next step whe […] September 19, 2022
Tool Release – ScoutSuite 5.12.0 We are excited to announce the release of a new version […] September 13, 2022
Public Report – Penumbra Labs Decaf377 Implementation and Poseidon Parameter Selection Review During the summer of 2022, Penumbra Labs, Inc. engaged […] September 12, 2022
Sharkbot is back in Google Play Authored by Alberto Segura (main author) and Mike Stokk […] September 6, 2022
Constant-Time Data Processing At a Secret Offset, Privacy and QUIC Introduction NCC Group Cryptography Services team asses […] September 5, 2022
There’s Another Hole In Your SoC: Unisoc ROM Vulnerabilities UNISOC (formerly Spreadtrum) is a rapidly growing semic […] September 2, 2022
Conference Talks – September/October 2022 Throughout September and October, members of NCC Group […] September 1, 2022
SETTLERS OF NETLINK: Exploiting a limited UAF in nf_tables (CVE-2022-32250) Introduction netlink and nf_tables Overview Sets Expres […] September 1, 2022
Writing FreeBSD Kernel Modules in Rust At present all major operating system kernels are writt […] August 31, 2022
NCC Con Europe 2022 – Pwn2Own Austin Presentations Cedric Halbronn, Aaron Adams, Alex Plaskett and Catalin […] August 30, 2022