Real World Cryptography Conference 2023 – Part I The annual Real World Cryptography Conference organized by the IACR recentl... 2023-5-11 04:36:53 | 阅读: 24 | 收藏 | NCC Group Research - research.nccgroup.com encryption commitment security ciphertext pqc

Public Report – AWS Nitro System API & Security Claims In the last calendar quarter of 2022, Amazon Web Services (AWS) engaged NCC... 2023-5-4 07:28:33 | 阅读: 18 | 收藏 | NCC Group Research - research.nccgroup.com rebinding llm pwn2own machine nitro

State of DNS Rebinding in 2023 Different forms of DNS rebinding attacks have been described as far back as... 2023-4-27 09:1:0 | 阅读: 13 | 收藏 | NCC Group Research - research.nccgroup.com network rebinding chrome singularity bypass

Machine Learning 103: Exploring LLM Code Generation This executable blog post is the third in a series related to machine l... 2023-4-25 09:1:0 | 阅读: 19 | 收藏 | NCC Group Research - research.nccgroup.com security solana kubernetes zk pwn2own

HITBAMS – Your Not so “Home” Office – Soho Hacking at Pwn2Own Alex Plaskett and McCaulay Hudson presented this talk at HITB AMS on the 20t... 2023-4-24 16:31:1 | 阅读: 13 | 收藏 | NCC Group Research - research.nccgroup.com security netgear synology chains

Public Report – AWS Nitro System API & Security Claims In the last calendar quarter of 2022, Amazon Web Services (AWS) engaged NCC... 2023-4-20 14:0:0 | 阅读: 47 | 收藏 | NCC Group Research - research.nccgroup.com security cloud kubernetes solana nitro

Public Report – Kubernetes 1.24 Security Audit NCC Group was selected to perform a security evaluation of Kubernetes 1.24.... 2023-4-17 13:1:13 | 阅读: 10 | 收藏 | NCC Group Research - research.nccgroup.com security kubernetes solana pedersen

Public Report – Solana Program Library ZK-Token Security Assessment In August 2022, Solana Foundation engaged NCC Group to conduct a security as... 2023-4-14 00:0:16 | 阅读: 10 | 收藏 | NCC Group Research - research.nccgroup.com security kubernetes amounts

Stepping Insyde System Management Mode In October of 2022, Intel’s Alder Lake BIOS source code was leaked online.... 2023-4-11 21:5:38 | 阅读: 28 | 收藏 | NCC Group Research - research.nccgroup.com smm smi smram efi memory

Hardware & Embedded Systems: A little early effort in security can return a huge payoff Editor’s note: This piece was originally published by embedded.com... 2023-4-5 23:40:33 | 阅读: 20 | 收藏 | NCC Group Research - research.nccgroup.com security development firmware hardware software

Public Report – O(1) Labs Mina Client SDK, Signature Library and Base Components Cryptography and Implementation Review During October 2021, O(1) Labs engaged NCC Group’s Cryptography Services te... 2023-4-5 23:40:32 | 阅读: 14 | 收藏 | NCC Group Research - research.nccgroup.com security lexmark cirt karakurt exploited

Analyzing a PJL directory traversal vulnerability – exploiting the Lexmark MC3224i printer (part 2) SummaryYou said "Reverse Engineering"?Vulnerability detailsBackgroundReaching the... 2023-4-5 23:40:32 | 阅读: 58 | 收藏 | NCC Group Research - research.nccgroup.com pjl 0x400 getc lexmark

Detecting Karakurt – an extortion focused threat actor This research was conducted by Simon Biggs, Richard Footman and Michael Mul... 2023-4-5 23:40:31 | 阅读: 20 | 收藏 | NCC Group Research - research.nccgroup.com karakurt victim utilised strongly

Bypassing software update package encryption – extracting the Lexmark MC3224i printer firmware (part 1) Here are some related articles you may find interesting... 2023-4-5 23:40:30 | 阅读: 29 | 收藏 | NCC Group Research - research.nccgroup.com mina exploited security lexmark seeking

Shaking The Foundation of An Online Collaboration Tool: Microsoft 365 Top 5 Attacks vs the CIS Microsoft 365 Foundation Benchmark As one of the proud contributors to the Center for Internet Security (CIS)... 2023-4-5 23:40:30 | 阅读: 16 | 收藏 | NCC Group Research - research.nccgroup.com microsoft phishing security defender spamming

BAT: a Fast and Small Key Encapsulation Mechanism In this post we present a newly published key encapsulation mechanism (KEM)... 2023-4-5 23:40:29 | 阅读: 17 | 收藏 | NCC Group Research - research.nccgroup.com kem lattice

Technical Advisory – play-pac4j Authentication rule bypass Vendor: PAC4jVendor URL: http://www.pac4j.org/Versions affected: All vers... 2023-4-5 23:40:28 | 阅读: 20 | 收藏 | NCC Group Research - research.nccgroup.com security pac4j bypass asks

Machine Learning for Static Analysis of Malware – Expansion of Research Scope IntroductionThe work presented in this blog post is that of Ewan Alexan... 2023-4-5 23:40:26 | 阅读: 33 | 收藏 | NCC Group Research - research.nccgroup.com precision recall benign benignware xgboost

Tool Release – shouganaiyo-loader: A Tool to Force JVM Attaches BackgroundJava Virtual Machines (JVMs) provide a number of mechanisms to i... 2023-4-5 23:40:23 | 阅读: 21 | 收藏 | NCC Group Research - research.nccgroup.com agents loader jvmti shouganaiyo hotspot

Breaking Pedersen Hashes in Practice The Pedersen hash function has gained popularity due to its efficiency in the arithmetic circuit... 2023-3-22 21:0:0 | 阅读: 17 | 收藏 | NCC Group Research - research.nccgroup.com pedersen generators zcash g1 scalar