Tracking a P2P network related to TA505 This post is by Nikolaos Pantazopoulos and Michael SandeeFor the past few months NCC Gro... 2021-12-01 17:57:13 | 阅读: 28 | 收藏 | research.nccgroup.com network grace payload ta505 dnsc

Conference Talks – December 2021 This month, members of NCC Group will be presenting their work at the foll... 2021-12-01 02:14:27 | 阅读: 25 | 收藏 | research.nccgroup.com security ietf rfcs arthir

Public Report – Zendoo Proof Verifier Cryptography Review During the summer of 2021, Horizen Labs engaged NCC Group to conduct a cry... 2021-11-30 18:00:00 | 阅读: 17 | 收藏 | research.nccgroup.com fernick jennifer proofs polynomial engagement

An Illustrated Guide to Elliptic Curve Cryptography Validation Elliptic Curve Cryptography (ECC) has become the de facto standard for protecting modern communi... 2021-11-18 21:00:00 | 阅读: 30 | 收藏 | research.nccgroup.com elliptic subgroup coordinates curves infinity

Exploit the Fuzz – Exploiting Vulnerabilities in 5G Core Networks Following on from our previous blog post ‘The Challenges of Fuzzing 5G Protocols’, in this post,... 2021-11-17 00:26:04 | 阅读: 79 | 收藏 | research.nccgroup.com ogs dnn pfcp open5gs overflow

POC2021 – Pwning the Windows 10 Kernel with NFTS and WNF Slides Alex Plaskett presented “Pwning the Windows 10 Kernel with NTFS and WN... 2021-11-15 18:02:56 | 阅读: 18 | 收藏 | research.nccgroup.com windows wnf attacker alex broad

Technical Advisory – Multiple Vulnerabilities in Victure WR1200 WiFi Router (CVE-2021-43282, CVE-2021-43283, CVE-2021-43284) Victure’s WR1200 WiFi router, also sometimes referred to as AC1200, was found to have multiple v... 2021-11-13 00:00:00 | 阅读: 61 | 收藏 | research.nccgroup.com victure attacker network wr1200 ssh

“We wait, because we know you.” Inside the ransomware negotiation economics. Pepijn Hack, Cybersecurity Analyst, Fox-IT, part of NCC GroupZong-Yu Wu, Threat Analyst, Fox... 2021-11-12 17:00:00 | 阅读: 19 | 收藏 | research.nccgroup.com ransomware victim negotiation paying dollars

Detection Engineering for Kubernetes clusters Written by Ben Lister and Kane Ryans This blog post details the collaboration between NCC Group’... 2021-11-11 00:17:56 | 阅读: 53 | 收藏 | research.nccgroup.com kubernetes detections behaviour pods attacker

Vaccine Misinformation Part 1: Misinformation Attacks as a Cyber Kill Chain The open and wide-reaching nature of social media platforms have led them to become breeding gro... 2021-11-10 05:10:21 | 阅读: 18 | 收藏 | research.nccgroup.com vaccine vaccines attackers stage

Technical Advisory – Arbitrary Signature Forgery in Stark Bank ECDSA Libraries Vendor: Stark Bank's open-source ECDSA cryptography librariesVendor URL: https://starkbank.com/... 2021-11-09 04:33:26 | 阅读: 45 | 收藏 | research.nccgroup.com ecdsa starkbank github stark inv

TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access NCC Group’s global Cyber Incident Response Team has observed an increase in Clop ransomware vict... 2021-11-09 00:59:22 | 阅读: 66 | 收藏 | research.nccgroup.com serv clsid powershell microsoft

Public Report – Zcash NU5 Cryptography Review In March 2021, Electric Coin Co. engaged NCC Group to perform a review of... 2021-11-03 00:22:57 | 阅读: 29 | 收藏 | research.nccgroup.com jennifer fernick network nu5 zcash

The Next C Language Standard (C23) by Robert C. SeacordThe cutoff for new feature proposals for the next... 2021-11-02 04:25:10 | 阅读: 35 | 收藏 | research.nccgroup.com annex calloc seacord robert volatile

Conference Talks – November 2021 This month, members of NCC Group will be presenting their work at the following conferences:... 2021-11-01 19:00:00 | 阅读: 30 | 收藏 | research.nccgroup.com ransomware security windows symposium negotiation

Technical Advisory – Apple XAR – Arbitrary File Write (CVE-2021-30833) Vendor: AppleVendor URL: https://www.apple.com/Versions affected: xar 1.... 2021-10-28 17:00:00 | 阅读: 21 | 收藏 | research.nccgroup.com xar attacker archived richard

Public Report – WhatsApp End-to-End Encrypted Backups Security Assessment During the summer of 2021, WhatsApp engaged NCC Group’s Cryptography Servi... 2021-10-28 05:20:00 | 阅读: 27 | 收藏 | research.nccgroup.com jennifer fernick security preparation enjenneer

Cracking Random Number Generators using Machine Learning – Part 2: Mersenne Twister Outline1. Introduction2. How does MT19937 PRNG work?3. Using Neural Networks to model the MT... 2021-10-23 14:52:02 | 阅读: 42 | 收藏 | research.nccgroup.com 624 prng tempering twisting 623

Cracking RDP NLA Supplied Credentials for Threat Intelligence NLA Honeypot Part DeuxThis is a continuation of the research from Building an RDP Credential... 2021-10-22 04:40:44 | 阅读: 36 | 收藏 | research.nccgroup.com nla freerdp passwords mic

Detecting and Protecting when Remote Desktop Protocol (RDP) is open to the Internet Category:  Detection/Reduction/PreventionRemote Desktop Protocol (RDP) is how users of M... 2021-10-22 01:48:57 | 阅读: 28 | 收藏 | research.nccgroup.com windows remote microsoft disconnect