Microsoft announces the WMIC command is being retired, Long Live PowerShell Category:  Detection and Threat HuntingWhat is WMIC?The Windows Management Instrumen... 2022-3-10 09:15:37 | 阅读: 39 | 收藏 | research.nccgroup.com powershell windows winlog malicious microsoft

SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store Authors:Alberto Segura, Malware analystRolf Govers, Malware analyst & Forensic IT Ex... 2022-3-4 03:5:4 | 阅读: 35 | 收藏 | research.nccgroup.com sharkbot c2 ats transfers

BrokenPrint: A Netgear stack overflow SummaryVulnerability detailsBackground on ReadySHAREReaching the vulnerable memcpy()Reachi... 2022-2-28 20:43:54 | 阅读: 29 | 收藏 | research.nccgroup.com client kc buf2 dcd printer

Conference Talks – March 2022 This month, members of NCC Group will be presenting their work at the following conferences:... 2022-2-28 16:30:0 | 阅读: 15 | 收藏 | research.nccgroup.com snap security microsoft software jennifer

Hardware & Embedded Systems: A little early effort in security can return a huge payoff Editor’s note: This piece was originally published by embedded.com There’s no shortage o... 2022-2-23 05:5:22 | 阅读: 13 | 收藏 | research.nccgroup.com security development firmware hardware memory

Public Report – O(1) Labs Mina Client SDK, Signature Library and Base Components Cryptography and Implementation Review During October 2021, O(1) Labs engaged NCC Group’s Cryptography Services t... 2022-2-23 02:49:34 | 阅读: 15 | 收藏 | research.nccgroup.com fernick jennifer mina ocaml consultants

Analyzing a PJL directory traversal vulnerability – exploiting the Lexmark MC3224i printer (part 2) SummaryYou said "Reverse Engineering"?Vulnerability detailsBackgroundReaching the vulnerable f... 2022-2-18 17:53:28 | 阅读: 52 | 收藏 | research.nccgroup.com pjl abrt crash ssh

Shaking The Foundation of An Online Collaboration Tool: Microsoft 365 Top 5 Attacks vs the CIS Microsoft 365 Foundation Benchmark As one of the proud contributors to the Center for Internet Security (CIS) Microsoft 365 Foundat... 2022-2-18 16:30:0 | 阅读: 22 | 收藏 | research.nccgroup.com microsoft phishing defender spamming cloud

Bypassing software update package encryption – extracting the Lexmark MC3224i printer firmware (part 1) Written by Catalin VisinescuOn November 3, 2021, Zero Day Initiative Pwn2Own announced that NCC Gr... 2022-2-17 18:25:41 | 阅读: 75 | 收藏 | research.nccgroup.com cvisinescu ubi ubi0 vol ubifs

Detecting Karakurt – an extortion focused threat actor Authored by: Simon Biggs, Richard Footman and Michael Mullentl;drN... 2022-2-17 18:9:42 | 阅读: 33 | 收藏 | research.nccgroup.com karakurt utilised cirt strongly

BAT: a Fast and Small Key Encapsulation Mechanism In this post we present a newly published key encapsulation mechanism (KEM) called BAT. It is a... 2022-2-15 02:39:1 | 阅读: 21 | 收藏 | research.nccgroup.com kem lattice saber

A deeper dive into CVE-2021-39137 – a Golang security bug that Rust would have prevented This blog post discusses two erroneous computation patterns in Golang. By erroneous computationwe m... 2022-2-7 20:0:0 | 阅读: 29 | 收藏 | research.nccgroup.com memory computation erroneous blockchain evm

Estimating the Bit Security of Pairing-Friendly Curves IntroductionThe use of pairings in cryptography began in 1993, when an algorithm developed b... 2022-2-3 17:15:0 | 阅读: 19 | 收藏 | research.nccgroup.com pairing curves security elliptic discrete

Testing Infrastructure-as-Code Using Dynamic Tooling Erik Steringer, NCC GroupOverviewTL;DR: Go check out https://github.com/ncc-erik-stering... 2022-2-3 00:30:0 | 阅读: 14 | 收藏 | research.nccgroup.com cloud github security iac identify

Machine Learning for Static Analysis of Malware – Expansion of Research Scope IntroductionThe work presented in this blog post is that of Ewan Alexander Miles (former UCL... 2022-2-1 00:2:34 | 阅读: 21 | 收藏 | research.nccgroup.com precision recall benign benignware xgboost

10 real-world stories of how we’ve compromised CI/CD pipelines by Aaron Haymore, Iain Smart, Viktor Gazdag, Divya Natesan, and Jennifer FernickMainstream a... 2022-1-13 18:0:0 | 阅读: 35 | 收藏 | research.nccgroup.com runners privileged jenkins gitlab containers

Impersonating Gamers With GPT-2 In this blog post, I’m going to recount the story of my quest to train OpenAI’s large language m... 2022-1-12 17:0:0 | 阅读: 18 | 收藏 | research.nccgroup.com mythic gpt chatbot synthesis machine

NCC Group’s 2021 Annual Research Report Following the popularity of our first Annual Research Report in 2020, we present to you now for... 2022-1-10 23:0:0 | 阅读: 72 | 收藏 | research.nccgroup.com security windows software ransomware

Tool Release – insject: A Linux Namespace Injector tl;dr Grab the release binary from our repo and have fun. Also, happy new year; 2021 couldn’t en... 2022-1-8 13:20:6 | 阅读: 30 | 收藏 | research.nccgroup.com insject setns library overruns processes

Detecting anomalous Vectored Exception Handlers on Windows tl;drAt least one commercial post exploitation framework is using Vect... 2022-1-4 00:24:3 | 阅读: 30 | 收藏 | research.nccgroup.com veh pvectored tprintf