Back in Black: Unlocking a LockBit 3.0 Ransomware Attack Authored by: Ross Inman (@rdi_x64) Summary tl;dr This p […] August 19, 2022
Wheel of Fortune Outcome Prediction – Taking the Luck out of Gambling Authored by: Jesús Miguel Calderón Marín Introduction T […] August 16, 2022
Detecting DNS implants: Old kitten, new tricks – A Saitama Case Study Max Groot & Ruud van Luijk TL;DR A recently uncover […] August 11, 2022
Implementing the Castryck-Decru SIDH Key Recovery Attack in SageMath Introduction Last weekend (July 30th) a truly incredibl […] August 8, 2022
Top of the Pops: Three common ransomware entry techniques by Michael Mathews Ransomware has been a concern for ev […] August 4, 2022
NCC Group Research at Black Hat USA 2022 and DEF CON 30 This year, NCC Group researchers will be presenting at […] August 3, 2022
Technical Advisory – Multiple vulnerabilities in Nuki smart locks (CVE-2022-32509, CVE-2022-32504, CVE-2022-32502, CVE-2022-32507, CVE-2022-32503, CVE-2022-32510, CVE-2022-32506, CVE-2022-32508, CVE-2022-32505) The following vulnerabilities were found as part of a r […] July 25, 2022
NIST Selects Post-Quantum Algorithms for Standardization Last week, NIST announced some algorithms selected for […] July 13, 2022
Climbing Mount Everest: Black-Byte Bytes Back? Authored by: Michael Mullen and Nikolaos Pant […] July 13, 2022
Five Essential Machine Learning Security Papers We recently published “Practical Attacks on Machi […] July 7, 2022
Whitepaper – Practical Attacks on Machine Learning Systems Written by Chris Anley, Chief Scientist, NCC Group This […] July 6, 2022
Flubot: the evolution of a notorious Android Banking Malware Originally published June 29, 2022 on the Fox-IT blog A […] July 5, 2022
Technical Advisory – ExpressLRS vulnerabilities allow for hijack of control link Vendor: ExpressLRS Vendor URL: https://expresslrs.org V […] June 30, 2022
Updated: Technical Advisory and Proofs of Concept – Multiple Vulnerabilities in U-Boot (CVE-2022-30790, CVE-2022-30552) By Nicolas Bidron, and Nicolas Guigo. [Editor’s n […] June 16, 2022
Understanding the Impact of Ransomware on Patient Outcomes – Do We Know Enough? The healthcare sector and ransomware attacks appear tog […] June 16, 2022
Public Report – Threshold ECDSA Cryptography Review In March 2022, DFINITY engaged NCC Group to conduct a s […] June 15, 2022
Exception Handling and Data Integrity in Salesforce Robust exception handling is one of the tenets of best […] June 14, 2022
Technical Advisory – Multiple Vulnerabilities in Trendnet TEW-831DR WiFi Router (CVE-2022-30325, CVE-2022-30326, CVE-2022-30327, CVE-2022-30328, CVE-2022-30329) The Trendnet TEW-831DR WiFi Router was found to have mu […] June 10, 2022
Technical Advisory – FUJITSU CentricStor Control Center Summary On the 6th of April 2022, NCC Group’s Fox […] June 10, 2022
Shining the Light on Black Basta Authored by: Ross Inman (@rdi_x64) and Peter Gurney Sum […] June 6, 2022
Technical Advisory – Multiple Vulnerabilities in U-Boot (CVE-2022-30790, CVE-2022-30552) By Nicolas Bidron, and Nicolas Guigo. U-boot is a popul […] June 3, 2022
NCC Group’s Jeremy Boone recognized for Highest Quality and Most Eligible Reports through the Intel Circuit Breaker program Congratulations to NCC Group researcher Jeremy Boone, w […] June 2, 2022
Hardware Security By Design: ESP32 Guidance Within the Hardware and Embedded Systems practice at NC […] May 31, 2022
Public Report – Lantern and Replica Security Assessment Editor's Note: This security assessment was conducted b […] May 31, 2022
NCC Group’s Juan Garrido named to Microsoft’s MSRC Office Security Researcher Leaderboard Congratulations to NCC Group researcher Juan Garrido, w […] May 31, 2022
Public Report – go-cose Security Assessment In April and May 2022, NCC Group Cryptography Services […] May 26, 2022
Technical Advisory – SerComm h500s – Authenticated Remote Command Execution (CVE-2021-44080) Current Vendor: SerComm Vendor URL: https://www.sercomm […] May 24, 2022
Metastealer – filling the Racoon void Author: Peter Gurney tl;dr MetaStealer is a new informa […] May 20, 2022
earlyremoval, in the Conservatory, with the Wrench: Exploring Ghidra’s decompiler internals to make automatic P-Code analysis scripts (The version of Ghidra used in this article is 10.1.2. […] May 20, 2022
Technical Advisory – Kwikset/Weiser BLE Proximity Authentication in Kevo Smart Locks Vulnerable to Relay Attacks Vendor: Kwikset/Weiser (Spectrum Brands) Vendor URLs: h […] May 16, 2022
Technical Advisory – Tesla BLE Phone-as-a-Key Passive Entry Vulnerable to Relay Attacks Vendor: Tesla, Inc. Vendor URL: https://www.tesla.com V […] May 16, 2022
Technical Advisory – BLE Proximity Authentication Vulnerable to Relay Attacks Vendor: Bluetooth SIG, Inc. Vendor URL: https://www.blu […] May 16, 2022
Technical Advisory: Ruby on Rails – Possible XSS Vulnerability in ActionView tag helpers (CVE-2022-27777) Vendor: Ruby on Rails Vendor URL: https://rubyonrails.o […] May 6, 2022
North Korea’s Lazarus: their initial access trade-craft using social media and social engineering Authored by: Michael Matthews and Nikolaos Pantazopoulo […] April 5, 2022
Adventures in the land of BumbleBee – a new malicious loader Authored by: Mike Stokkel, Nikolaos Totosis and Nikolao […] April 29, 2022
LAPSUS$: Recent techniques, tactics and procedures Authored by: David Brown, Michael Matthews and Rob Smal […] April 28, 2022
Real World Cryptography Conference 2022 The IACR’s annual Real World Cryptography (RWC) confere […] April 26, 2022
Mitigating the top 10 security threats to GCP using the CIS Google Cloud Platform Foundation Benchmark As one of the proud contributors to the newest version […] April 20, 2022
A brief look at Windows telemetry: CIT aka Customer Interaction Tracker tl;dr Windows version up to at least version 7 containe […] April 12, 2022
Public Report – Google Enterprise API Security Assessment During the autumn of 2021, Google engaged NCC Group to […] April 7, 2022
Conti-nuation: methods and techniques observed in operations post the leaks Authored by: Nikolaos Pantazopoulos, Alex Jessop and Si […] March 31, 2022
Whitepaper – Double Fetch Vulnerabilities in C and C++ Double fetch vulnerabilities in C and C++ have been kno […] March 28, 2022
Mining data from Cobalt Strike beacons Since we published about identifying Cobalt Strike Team […] March 25, 2022
Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121) Mooncake Exploit Summary This blog post describes an un […] March 24, 2022
Tool Release – ScoutSuite 5.11.0 We’re proud to announce the release of a new version of […] March 16, 2022
Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582) Vendor: Apple Vendor URL: https://www.apple.com/ System […] March 15, 2022
Microsoft announces the WMIC command is being retired, Long Live PowerShell Category: Detection and Threat Hunting What is WM […] March 10, 2022