Building an RDP Credential Catcher for Threat Intelligence tl;drWe wanted to build a mechanism to capture all the passwords used... 2021-01-10 23:01:31 | 阅读: 303 | 收藏 | research.nccgroup.com pgina nla remote microsoft

Double-odd Elliptic Curves This post is about some new (or sort of new) elliptic curves for use in cryptographic protocols.... 2021-01-06 21:00:00 | 阅读: 294 | 收藏 | research.nccgroup.com curves odd elliptic cofactor cycles

Using AWS and Azure for Cost Effective Log Ingestion with Data Processing Pipelines for SIEMs tl;drLiam Stevenson, Associate Director of Technical Services within NCC Group’s Managed Det... 2021-01-04 20:28:03 | 阅读: 296 | 收藏 | research.nccgroup.com nifi microsoft eps reduced github

Domestic IoT Nightmares: Smart Doorbells PrefaceHalf way through 2020, UK independent consumer champion Which? magazine reached out t... 2020-12-18 23:00:00 | 阅读: 600 | 收藏 | research.nccgroup.com firmware doorbell network qr eventid

Technical Advisory: OS Command Injection in Silver Peak EdgeConnect Appliances (CVE-2020-12148, CVE-2020-12149) Vendor: Silver PeakVendor URL: https://www.silver-peak.comVersions affec... 2020-12-17 23:12:14 | 阅读: 315 | 收藏 | research.nccgroup.com edgeconnect peak silver software

Helping Engineering Teams Tackle Security Debt in Embedded Systems: U-Boot Configuration Auditing Introduced in Depthcharge v0.2.0 Depthcharge v0.2.0 is now available on GitHub and PyPi. This release introduces new “configurati... 2020-12-16 21:00:00 | 阅读: 278 | 收藏 | research.nccgroup.com depthcharge security checker software dummy

An Adventure in Contingency Debugging: Ruby IO#read/IO#write Considered Harmful Recently, I was working on weaponizing a particular bug with a colleague. For reasons unfathomab... 2020-12-15 21:00:00 | 阅读: 291 | 收藏 | research.nccgroup.com tpex tracepoint tcpsocket errno econnreset

ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent, Again This post is a technical discussion of the underlying vulnerability of CVE-2020-15257, and how i... 2020-12-11 00:00:00 | 阅读: 343 | 收藏 | research.nccgroup.com containerd shim sockets ttrpc client

Tool Release – HTTPSignatures: A Burp Suite Extension Implementing HTTP Signatures HTTPSignatures is a PortSwigger Burp Suite extension that implements the Signing HTTP Messages d... 2020-12-08 22:00:00 | 阅读: 329 | 收藏 | research.nccgroup.com burp activitypub security draft

ICS/OT Security & the evolution of the Purdue Model: Integrating Industrial and Business Networks In this recording of a presentation by NCC Group’s Damon Small at Hou.Sec.... 2020-12-05 04:40:21 | 阅读: 369 | 收藏 | research.nccgroup.com security purdue boundaries studies driving

Tool Release – Carnivore: Microsoft External Assessment Tool Carnivore is a tool for assessing on-premises Microsoft servers such as AD... 2020-12-03 23:29:29 | 阅读: 334 | 收藏 | research.nccgroup.com carnivore username spraying meetings ucwa

Technical Advisory: containerd – containerd-shim API Exposed to Host Network Containers (CVE-2020-15257) Vendor: containerd ProjectVendor URL: https://containerd.io/Versions affected: 1.3.x, 1.2.x, 1.4.x... 2020-12-01 04:14:10 | 阅读: 386 | 收藏 | research.nccgroup.com containerd shim containers security sockets

Conference Talks – December 2020 This month, members of NCC Group will be presenting their work at the foll... 2020-11-30 21:00:00 | 阅读: 351 | 收藏 | research.nccgroup.com security kubernetes containers juan covering

Decrypting OpenSSH sessions for fun and profit UncategorizedNovember 11, 20205 Minutes... 2020-11-11 19:59:53 | 阅读: 346 | 收藏 | research.nccgroup.com ssh openssh memory volatility client

Past, Present and Future of Effective C Dennis Ritchie and Ken Thompson invented the C Programming Language at Bell Telephone Laborator... 2020-11-10 21:00:00 | 阅读: 352 | 收藏 | research.nccgroup.com iec 9899 seacord ballman guarded

Technical Advisory: SQL Injection and Reflected Cross-Site Scripting (XSS) Vulnerabilities in Oracle Communications Diameter Signaling Router (CVE-2020-14787, CVE-2020-14788) Vendor: OracleVendor URL: https://www.oracle.com/Versions affected: 8.0.... 2020-11-03 11:10:00 | 阅读: 304 | 收藏 | research.nccgroup.com gridfilter codeline addressed injection payload

Conference Talks – November 2020 This month, members of NCC Group will be presenting their work at the foll... 2020-10-31 21:00:00 | 阅读: 355 | 收藏 | research.nccgroup.com ama honk sig duffie

Technical Advisory: Pulse Connect Secure – Arbitrary File Read via Logon Message (CVE-2020-8255) Vendor: Pulse SecureVendor URL: https://www.pulsesecure.net/Versions af... 2020-10-27 04:15:05 | 阅读: 271 | 收藏 | research.nccgroup.com pulse pcs symlinks dana richard

Technical Advisory: Pulse Connect Secure – RCE via Uncontrolled Gzip Extraction (CVE-2020-8260) Vendor: Pulse SecureVendor URL: https://www.pulsesecure.net/Versions affected: Pulse Connect Sec... 2020-10-27 04:14:56 | 阅读: 298 | 收藏 | research.nccgroup.com pcs watchdog pulse library setcookie

Technical Advisory – Jitsi Meet Electron – Arbitrary Client Remote Code Execution (CVE-2020-27162) Current Vendor: JitsiVendor URL: https://jitsi.orgVersions affected: 1.x... 2020-10-23 12:13:41 | 阅读: 401 | 收藏 | research.nccgroup.com jitsi client remote security execfile