unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Bypassing software update package encryption – extracting the Lexmark MC3224i printer firmware (part 1)
Here are some related articles you may find interesting...
2023-4-5 23:40:30 | 阅读: 27 |
收藏
|
NCC Group Research - research.nccgroup.com
mina
exploited
security
lexmark
seeking
Shaking The Foundation of An Online Collaboration Tool: Microsoft 365 Top 5 Attacks vs the CIS Microsoft 365 Foundation Benchmark
As one of the proud contributors to the Center for Internet Security (CIS)...
2023-4-5 23:40:30 | 阅读: 16 |
收藏
|
NCC Group Research - research.nccgroup.com
microsoft
phishing
security
defender
spamming
BAT: a Fast and Small Key Encapsulation Mechanism
In this post we present a newly published key encapsulation mechanism (KEM)...
2023-4-5 23:40:29 | 阅读: 17 |
收藏
|
NCC Group Research - research.nccgroup.com
kem
lattice
Technical Advisory – play-pac4j Authentication rule bypass
Vendor: PAC4jVendor URL: http://www.pac4j.org/Versions affected: All vers...
2023-4-5 23:40:28 | 阅读: 20 |
收藏
|
NCC Group Research - research.nccgroup.com
security
pac4j
bypass
asks
Machine Learning for Static Analysis of Malware – Expansion of Research Scope
IntroductionThe work presented in this blog post is that of Ewan Alexan...
2023-4-5 23:40:26 | 阅读: 33 |
收藏
|
NCC Group Research - research.nccgroup.com
precision
recall
benign
benignware
xgboost
Tool Release – shouganaiyo-loader: A Tool to Force JVM Attaches
BackgroundJava Virtual Machines (JVMs) provide a number of mechanisms to i...
2023-4-5 23:40:23 | 阅读: 20 |
收藏
|
NCC Group Research - research.nccgroup.com
agents
loader
jvmti
shouganaiyo
hotspot
Breaking Pedersen Hashes in Practice
The Pedersen hash function has gained popularity due to its efficiency in the arithmetic circuit...
2023-3-22 21:0:0 | 阅读: 16 |
收藏
|
NCC Group Research - research.nccgroup.com
pedersen
generators
zcash
g1
scalar
A Race to Report a TOCTOU: Analysis of a Bug Collision in Intel SMM
About four months ago, in October 2022, I was idly poking around the “ICE TEA” leak. This leak w...
2023-3-15 09:1:0 | 阅读: 25 |
收藏
|
NCC Group Research - research.nccgroup.com
spi
smm
comm
Making New Connections – Leveraging Cisco AnyConnect Client to Drop and Run Payloads
The Cisco AnyConnect client has received a fair amount of scrutiny from the security communi...
2023-3-1 21:18:33 | 阅读: 29 |
收藏
|
NCC Group Research - research.nccgroup.com
wfile
cstp
client
anyconnect
username
A Primer On Slowable Encoders
There is a specific type of cryptographic transformation that arises in storage-oriented blo...
2023-2-20 22:38:17 | 阅读: 15 |
收藏
|
NCC Group Research - research.nccgroup.com
computation
miners
compute
slowable
miner
Threat Spotlight – Hydra
This publication is part of our Annual Threat Monitor report that was released on the 8th of...
2023-2-17 23:30:38 | 阅读: 26 |
收藏
|
NCC Group Research - research.nccgroup.com
c2
hydra
tas
injections
github
Rustproofing Linux (Part 4/4 Shared Memory)
This is a four part blog post series that starts with Rustproofing Linux (Part 1/4 Leaking Addre...
2023-2-17 03:33:1 | 阅读: 17 |
收藏
|
NCC Group Research - research.nccgroup.com
memory
volatile
vuln
vma
Rustproofing Linux (Part 3/4 Integer Overflows)
This is a four part blog post series that starts with Rustproofing Linux (Part 1/4 Leaking Addre...
2023-2-15 05:4:6 | 阅读: 16 |
收藏
|
NCC Group Research - research.nccgroup.com
vuln
overflow
ovf
usize
Security Code Review With ChatGPT
TL;DR: Don’t use ChatGPT for security code review. It’s not meant to be used that way, it doesn’t...
2023-2-10 01:50:20 | 阅读: 45 |
收藏
|
NCC Group Research - research.nccgroup.com
security
chatgpt
php
injection
octet
Rustproofing Linux (Part 2/4 Race Conditions)
This is a four part blog post series that starts with Rustproofing Linux (Part 1/4 Leaking Addre...
2023-2-8 23:41:37 | 阅读: 25 |
收藏
|
NCC Group Research - research.nccgroup.com
vuln
mutable
mutex
249
vec
Readable Thrift
Readable Thrift makes binary Thrift protocol messages easy to work with by c...
2023-2-8 18:20:42 | 阅读: 9 |
收藏
|
NCC Group Research - research.nccgroup.com
thrift
anyconnect
analysis
tampering
leveraging
Readable Thrift
Site Maintenance The NCC Group research blog is offline as part of a planned outage whi...
2023-2-8 18:20:42 | 阅读: 8 |
收藏
|
NCC Group Research - research.nccgroup.com
maintenance
planned
outage
migrate
Rustproofing Linux (Part 1/4 Leaking Addresses)
Rust is a programminglanguage guaranteeing memory and thread safety while still being able toa...
2023-2-7 06:32:21 | 阅读: 23 |
收藏
|
NCC Group Research - research.nccgroup.com
memory
vuln
userspace
differs
initialised
Machine Learning 102: Attacking Facial Authentication with Poisoned Data
This blog post is the second in a series related to machine learning, a...
2023-2-4 03:56:44 | 阅读: 19 |
收藏
|
NCC Group Research - research.nccgroup.com
sorry
poisoning
facial
Threat Modelling Cloud Platform Services by Example: Google Cloud Storage
IntroductionThe consumption of cloud services has grown rapidly over the last few years and...
2023-1-31 09:1:0 | 阅读: 21 |
收藏
|
NCC Group Research - research.nccgroup.com
cloud
security
attacker
buckets
gcp
Previous
6
7
8
9
10
11
12
13
Next