Experiments in Extending Thinkst Canary – Part 1 tl;drThe Thinkst Canary is best described as a digital tripwire for ph... 2020-07-04 23:00:35 | 阅读: 530 | 收藏 | research.nccgroup.com development twisted opencanary canaryproxy 0100

Tool Release – ScoutSuite 5.9.0 We’re proud to announce the release of a new version of our open-source, m... 2020-07-03 02:58:10 | 阅读: 526 | 收藏 | research.nccgroup.com rami cloud mccarthy security github

Technical Advisory – macOS Installer Local Root Privilege Escalation (CVE-2020-9817) Vendor: AppleVendor URL: https://www.apple.comVersions affected: All versions of macOS prior to... 2020-07-02 20:00:57 | 阅读: 496 | 收藏 | research.nccgroup.com 501 postinstall owned 502

Paper: Thematic for Success in Real-World Offensive Cyber Operations – How to make threat actors work harder and fail more often tl;drToday we’ve released a whitepaper on the key techniques that cont... 2020-07-02 19:11:52 | 阅读: 517 | 收藏 | research.nccgroup.com t1078 ollie whitehouse thwart

How-to: Importing WStalker CSV (and more) into Burp Suite via Import to Sitemap Extension tl;drIn this post we show how to import WStalker output into Burp Suit... 2020-06-30 20:07:37 | 阅读: 641 | 收藏 | research.nccgroup.com sitemap burp wstalker zap importing

Tool: WStalker – an easy proxy to support Web API assessments tl;drHave you ever faced a situation where you have a number of web se... 2020-06-30 19:52:22 | 阅读: 562 | 收藏 | research.nccgroup.com wstalker proxy situations developers

Security Considerations of zk-SNARK Parameter Multi-Party Computation Zero-knowledge proofs are cryptographic constructions allowing users to demonstrate the knowledg... 2020-06-24 21:00:22 | 阅读: 634 | 收藏 | research.nccgroup.com ceremony security zk

WastedLocker: A New Ransomware Variant Developed By The Evil Corp Group Authors: Nikolaos Pantazopoulos, Stefano Antenucci (@Antelox) and Michael Sandee1. Introduct... 2020-06-23 20:59:17 | 阅读: 571 | 收藏 | research.nccgroup.com ransomware windows encryption victim

Tool Release – Socks Over RDP Now Works With Citrix IntroductionA month ago, we released a new tool that made it possible... 2020-06-17 16:00:00 | 阅读: 609 | 收藏 | research.nccgroup.com citrix remote receiver github nccgroup

Striking Back at Retired Cobalt Strike: A look at a legacy vulnerability This vulnerability applied to a 5 year old end of life version of CobaltStrike and is being... 2020-06-16 03:08:47 | 阅读: 616 | 收藏 | research.nccgroup.com beacon cobalt download encryption decrypted

Technical Advisory – ARM MbedOS USB Mass Storage Driver Memory Corruption Vendor: ARMVendor URL: https://os.mbed.com/Versions affected: Prior to 5.15.2Systems Affected... 2020-06-11 21:00:00 | 阅读: 559 | 收藏 | research.nccgroup.com memory stage csw memorywrite mar

Cyber Security of New Space Paper NCC Group’s Transport Security Practice as part of its ongoing research an... 2020-06-03 22:09:15 | 阅读: 562 | 收藏 | research.nccgroup.com security satellite threats satellites surrey

In-depth analysis of the new Team9 malware family 1. IntroductionPublicly discovered in late April 2020, the Team9 malware family (also known... 2020-06-02 23:00:12 | 阅读: 573 | 收藏 | research.nccgroup.com loader team9 windows download bazar

Common Insecure Practices with Configuring and Extending Salesforce This article discusses the most common findings from a sample of over 35 security assessments of... 2020-06-02 16:00:00 | 阅读: 540 | 收藏 | research.nccgroup.com salesforce security developer sso

Exploring DeepFake Capabilities & Mitigation Strategies with University College London Overview NCC Group is an industry partner for University College Londo... 2020-06-01 23:27:00 | 阅读: 500 | 收藏 | research.nccgroup.com deepfake deepfakes ucl aspects cdt

Game Security This blog post provides an overview of cheating and anti-cheat methods in electronic games. NCC... 2020-05-29 16:00:00 | 阅读: 536 | 收藏 | research.nccgroup.com cheating cheat players client cheaters

Exploring macOS Calendar Alerts: Part 2 – Exfiltrating data (CVE-2020-3882) tl;drUsing a carefully crafted calendar event, an attacker can retrieve semi-arbitrary files fro... 2020-05-28 21:00:00 | 阅读: 515 | 收藏 | research.nccgroup.com invite meeting attendee attachment organizer

Research Report – Zephyr and MCUboot Security Assessment Over the years, NCC Group has audited countless embedded devices for our c... 2020-05-27 03:00:00 | 阅读: 539 | 收藏 | research.nccgroup.com zephyr mcuboot rtos security bootloader

CVE-2018-8611 Exploiting Windows KTM Part 5/5 – Vulnerability detection and a better read/write primitive TL;DRSafe vulnerability testBlueHat 2019 Shanghai presentation reviewApproach comparisonThe 0... 2020-05-25 16:00:00 | 阅读: 539 | 收藏 | research.nccgroup.com windows kthread userland ownerthread

CVE-2018-8611 Exploiting Windows KTM Part 4/5 – From race win to kernel read and write primitive TL;DRInitial kernel address revelation‘Escape’ enlistmentCandidate functions for a write primiti... 2020-05-18 16:00:00 | 阅读: 590 | 收藏 | research.nccgroup.com ownerthread kmutant increment kthread mutant