When testing APIs with short-lived authentication token […]
八月 25, 2022
Back in Black: Unlocking a LockBit 3.0 Ransomware Attack
Authored by: Ross Inman (@rdi_x64) Summary tl;dr This p […]
八月 19, 2022
Wheel of Fortune Outcome Prediction – Taking the Luck out of Gambling
Authored by: Jesús Miguel Calderón Marín Introduction T […]
八月 16, 2022
Detecting DNS implants: Old kitten, new tricks – A Saitama Case Study
Max Groot & Ruud van Luijk TL;DR A recently uncover […]
八月 11, 2022
Implementing the Castryck-Decru SIDH Key Recovery Attack in SageMath
Introduction Last weekend (July 30th) a truly incredibl […]
八月 8, 2022
Top of the Pops: Three common ransomware entry techniques
by Michael Mathews Ransomware has been a concern for ev […]
八月 4, 2022
NCC Group Research at Black Hat USA 2022 and DEF CON 30
This year, NCC Group researchers will be presenting at […]
八月 3, 2022
Technical Advisory – Multiple vulnerabilities in Nuki smart locks (CVE-2022-32509, CVE-2022-32504, CVE-2022-32502, CVE-2022-32507, CVE-2022-32503, CVE-2022-32510, CVE-2022-32506, CVE-2022-32508, CVE-2022-32505)
The following vulnerabilities were found as part of a r […]
七月 25, 2022
NIST Selects Post-Quantum Algorithms for Standardization
Last week, NIST announced some algorithms selected for […]
七月 13, 2022
Climbing Mount Everest: Black-Byte Bytes Back?
Authored by: Michael Mullen and Nikolaos Pant […]
七月 13, 2022
Five Essential Machine Learning Security Papers
We recently published “Practical Attacks on Machi […]
七月 7, 2022
Whitepaper – Practical Attacks on Machine Learning Systems
Written by Chris Anley, Chief Scientist, NCC Group This […]
七月 6, 2022
Flubot: the evolution of a notorious Android Banking Malware
Originally published June 29, 2022 on the Fox-IT blog A […]
七月 5, 2022
Technical Advisory – ExpressLRS vulnerabilities allow for hijack of control link
Vendor: ExpressLRS Vendor URL: https://expresslrs.org V […]
六月 30, 2022
Updated: Technical Advisory and Proofs of Concept – Multiple Vulnerabilities in U-Boot (CVE-2022-30790, CVE-2022-30552)
By Nicolas Bidron, and Nicolas Guigo. [Editor’s n […]
六月 16, 2022
Understanding the Impact of Ransomware on Patient Outcomes – Do We Know Enough?
The healthcare sector and ransomware attacks appear tog […]
六月 16, 2022
Public Report – Threshold ECDSA Cryptography Review
In March 2022, DFINITY engaged NCC Group to conduct a s […]
六月 15, 2022
Exception Handling and Data Integrity in Salesforce
Robust exception handling is one of the tenets of best […]
六月 14, 2022
Technical Advisory – Multiple Vulnerabilities in Trendnet TEW-831DR WiFi Router (CVE-2022-30325, CVE-2022-30326, CVE-2022-30327, CVE-2022-30328, CVE-2022-30329)
The Trendnet TEW-831DR WiFi Router was found to have mu […]
六月 10, 2022
Technical Advisory – FUJITSU CentricStor Control Center
Summary On the 6th of April 2022, NCC Group’s Fox […]
六月 10, 2022
Shining the Light on Black Basta
Authored by: Ross Inman (@rdi_x64) and Peter Gurney Sum […]
六月 6, 2022
Technical Advisory – Multiple Vulnerabilities in U-Boot (CVE-2022-30790, CVE-2022-30552)
By Nicolas Bidron, and Nicolas Guigo. U-boot is a popul […]
六月 3, 2022
NCC Group’s Jeremy Boone recognized for Highest Quality and Most Eligible Reports through the Intel Circuit Breaker program
Congratulations to NCC Group researcher Jeremy Boone, w […]
六月 2, 2022
Hardware Security By Design: ESP32 Guidance
Within the Hardware and Embedded Systems practice at NC […]
五月 31, 2022
Public Report – Lantern and Replica Security Assessment
Editor's Note: This security assessment was conducted b […]
五月 31, 2022
NCC Group’s Juan Garrido named to Microsoft’s MSRC Office Security Researcher Leaderboard
Congratulations to NCC Group researcher Juan Garrido, w […]
五月 31, 2022
Public Report – go-cose Security Assessment
In April and May 2022, NCC Group Cryptography Services […]
五月 26, 2022
Technical Advisory – SerComm h500s – Authenticated Remote Command Execution (CVE-2021-44080)
Current Vendor: SerComm Vendor URL: https://www.sercomm […]
五月 24, 2022
Metastealer – filling the Racoon void
Author: Peter Gurney tl;dr MetaStealer is a new informa […]
五月 20, 2022
earlyremoval, in the Conservatory, with the Wrench: Exploring Ghidra’s decompiler internals to make automatic P-Code analysis scripts
(The version of Ghidra used in this article is 10.1.2. […]
五月 20, 2022
Technical Advisory – Kwikset/Weiser BLE Proximity Authentication in Kevo Smart Locks Vulnerable to Relay Attacks
Vendor: Kwikset/Weiser (Spectrum Brands) Vendor URLs: h […]
五月 16, 2022
Technical Advisory – Tesla BLE Phone-as-a-Key Passive Entry Vulnerable to Relay Attacks
Vendor: Tesla, Inc. Vendor URL: https://www.tesla.com V […]
五月 16, 2022
Technical Advisory – BLE Proximity Authentication Vulnerable to Relay Attacks
Vendor: Bluetooth SIG, Inc. Vendor URL: https://www.blu […]
五月 16, 2022
Technical Advisory: Ruby on Rails – Possible XSS Vulnerability in ActionView tag helpers (CVE-2022-27777)
Vendor: Ruby on Rails Vendor URL: https://rubyonrails.o […]
五月 6, 2022
North Korea’s Lazarus: their initial access trade-craft using social media and social engineering
Authored by: Michael Matthews and Nikolaos Pantazopoulo […]
五月 5, 2022
Adventures in the land of BumbleBee – a new malicious loader
Authored by: Mike Stokkel, Nikolaos Totosis and Nikolao […]
四月 29, 2022
LAPSUS$: Recent techniques, tactics and procedures
Authored by: David Brown, Michael Matthews and Rob Smal […]
四月 28, 2022
Real World Cryptography Conference 2022
The IACR’s annual Real World Cryptography (RWC) confere […]
四月 26, 2022
Mitigating the top 10 security threats to GCP using the CIS Google Cloud Platform Foundation Benchmark
As one of the proud contributors to the newest version […]
四月 20, 2022
A brief look at Windows telemetry: CIT aka Customer Interaction Tracker
tl;dr Windows version up to at least version 7 containe […]
四月 12, 2022
Public Report – Google Enterprise API Security Assessment
During the autumn of 2021, Google engaged NCC Group to […]
四月 7, 2022
Conti-nuation: methods and techniques observed in operations post the leaks
Authored by: Nikolaos Pantazopoulos, Alex Jessop and Si […]
三月 31, 2022
Whitepaper – Double Fetch Vulnerabilities in C and C++
Double fetch vulnerabilities in C and C++ have been kno […]
三月 28, 2022
Mining data from Cobalt Strike beacons
Since we published about identifying Cobalt Strike Team […]
三月 25, 2022
Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)
Mooncake Exploit Summary This blog post describes an un […]
三月 24, 2022
Tool Release – ScoutSuite 5.11.0
We’re proud to announce the release of a new version of […]
三月 16, 2022
Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582)
Vendor: Apple Vendor URL: https://www.apple.com/ System […]
三月 15, 2022
Microsoft announces the WMIC command is being retired, Long Live PowerShell
Category: Detection and Threat Hunting What is WM […]
三月 10, 2022