Incremental Machine Leaning by Example: Detecting Suspicious Activity with Zeek Data Streams, River, and JA3 Hashes tl:drIncremental Learning is an extremely useful machine learning paradigm for deriving... 2021-06-14 17:00:00 | 阅读: 171 | 收藏 | research.nccgroup.com ja3 rarity incremental rare zeek

Testing Two-Factor Authentication More and more applications we test are implementing some form of two-factor authentication (2FA,... 2021-06-10 20:00:00 | 阅读: 141 | 收藏 | research.nccgroup.com security webauthn attacker totp

Optimizing Pairing-Based Cryptography: Montgomery Arithmetic in Rust This is the first blog post in a new code-centric series about selected optimizations found in p... 2021-06-09 17:00:00 | 阅读: 159 | 收藏 | research.nccgroup.com reduction montgomery subtraction modulus

Research Paper – Machine Learning for Static Malware Analysis, with University College London For the past few years, NCC Group has been an industry partner to the Centre for Doctoral Traini... 2021-06-07 19:00:00 | 阅读: 135 | 收藏 | research.nccgroup.com malicious machine analysis windows london

Conference Talks – June 2021 This month, members of NCC Group will be presenting their work at the foll... 2021-06-05 22:00:00 | 阅读: 131 | 收藏 | research.nccgroup.com forest security forests trusts virtualjune

Public Report – Protocol Labs Groth16 Proof Aggregation: Cryptography and Implementation Review During April 2021, Protocol Labs engaged NCC Group’s Cryptography Services... 2021-06-05 02:43:47 | 阅读: 147 | 收藏 | research.nccgroup.com groth16 tau bellperson powers transcripts

iOS User Enrollment and Trusted Certificates tl;drThe User Enrollment MDM option added with iOS 13 does not restrict MDM-deployed certifi... 2021-06-05 01:35:45 | 阅读: 125 | 收藏 | research.nccgroup.com mdm enrollment byod phones network

Detecting Rclone – An Effective Tool for Exfiltration NCC Group’s Cyber Incident Response Team (CIRT) have responded to a large... 2021-05-27 19:01:33 | 阅读: 226 | 收藏 | research.nccgroup.com mega sigma remote breakdown nz

Supply Chain Security Begins with Secure Software Development by Robert C. SeacordComponent-based Software DevelopmentSupply chain security is a compl... 2021-05-20 20:00:00 | 阅读: 159 | 收藏 | research.nccgroup.com software attestation security artifact conformance

Using UUIDs for Authorization is Dangerous (even if they’re cryptographically random) Authorization vulnerabilities continue to be one of the largest and most difficult to remediate... 2021-05-10 18:00:00 | 阅读: 168 | 收藏 | research.nccgroup.com uuids attacker unguessable toxic shouldn

Public Report – Dell Secured Component Verification During February 2021, Dell engaged NCC Group to conduct a security assessm... 2021-05-05 21:30:00 | 阅读: 149 | 收藏 | research.nccgroup.com dell security hardware network scv

Conference Talks – May 2021 This month, members of NCC Group will be presenting their work at the foll... 2021-04-30 17:00:00 | 阅读: 294 | 收藏 | research.nccgroup.com druby security northsec hardware

A Census of Deployed Pulse Connect Secure (PCS) Versions Today we are releasing some statistics around deployment of Pulse Connect Secure versions in the... 2021-04-23 23:55:28 | 阅读: 197 | 收藏 | research.nccgroup.com pcs bom genericv2

NCC Group’s Upcoming Trainings at Black Hat USA 2021 NCC Group will be presenting 4 different training courses at Black Hat USA... 2021-04-14 07:04:25 | 阅读: 207 | 收藏 | research.nccgroup.com security cloud exercises attendees presenter

Public Report – VPN by Google One: Technical Security & Privacy Assessment During the fourth calendar quarter of 2020 and the first calendar qu... 2021-04-09 00:23:01 | 阅读: 183 | 收藏 | research.nccgroup.com quarter conducted network claims navigation

Technical Advisory – ParcelTrack sends all pasteboard data to ParcelTrack’s servers on startup Vendor: ParcelTrackVendor URL: https://www.parceltrack.de/Versions affec... 2021-03-31 01:57:51 | 阅读: 175 | 收藏 | research.nccgroup.com parceltrack pasteboard clipboard dan hastings

Tool Release – Principal Mapper v1.1.0 Update Principal Mapper, or PMapper, is a tool and library for in-depth analysis... 2021-03-30 04:57:33 | 阅读: 122 | 收藏 | research.nccgroup.com pmapper github nccgroup scps simulation

SAML XML Injection The Single Sign-On (SSO) approach to authentication controls and identity management was quickly... 2021-03-29 23:00:00 | 阅读: 218 | 收藏 | research.nccgroup.com oasis urn assertion samlp adam

The Future of C Code Review I gave a short talk on the Future of C Code Review at our internal (Not) N... 2021-03-24 00:12:31 | 阅读: 222 | 收藏 | research.nccgroup.com provenance analysis assumed arises explains

RIFT: Detection capabilities for recent F5 BIG-IP/BIG-IQ iControl REST API vulnerabilities CVE-2021-22986 tl;drThis post by Rich Warren and Sander Laarhoven discusses NCC Group observed in the wild... 2021-03-19 02:41:04 | 阅读: 232 | 收藏 | research.nccgroup.com mar 8100 authn mgmt stage