unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Mitigating the top 10 security threats to GCP using the CIS Google Cloud Platform Foundation Benchmark
As one of the proud contributors to the newest version of the CIS Google Cloud Platform Foundati...
2022-4-21 00:47:18 | 阅读: 25 |
收藏
|
research.nccgroup.com
cloud
security
metric
network
A brief look at Windows telemetry: CIT aka Customer Interaction Tracker
tl;drWindows version up to at least version 7 contained a telemetry source called Customer I...
2022-4-12 22:6:46 | 阅读: 28 |
收藏
|
research.nccgroup.com
cit
bitmaps
windows
filetime
Public Report – Google Enterprise API Security Assessment
During the autumn of 2021, Google engaged NCC Group to perform a review of...
2022-4-8 04:6:20 | 阅读: 32 |
收藏
|
research.nccgroup.com
jennifer
fernick
stig
criteria
Conti-nuation: methods and techniques observed in operations post the leaks
Authored by: Nikolaos Pantazopoulos, Alex Jessop and Simon BiggsExecu...
2022-3-31 20:57:16 | 阅读: 20 |
收藏
|
research.nccgroup.com
ransomware
network
cobalt
lateral
windows
Whitepaper – Double Fetch Vulnerabilities in C and C++
Double fetch vulnerabilities in C and C++ have been known about for a numb...
2022-3-28 21:0:0 | 阅读: 28 |
收藏
|
research.nccgroup.com
whitepaper
varying
outcomes
draws
Mining data from Cobalt Strike beacons
Since we published about identifying Cobalt Strike Team Servers in the wild just over three year...
2022-3-26 00:18:44 | 阅读: 43 |
收藏
|
research.nccgroup.com
beacon
cobalt
beacons
dissect
Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)
Mooncake ExploitThis blog post describes an unchecked return value vulnerability found and...
2022-3-24 21:13:5 | 阅读: 148 |
收藏
|
research.nccgroup.com
afp
dsi
netatalk
adouble
eid
Tool Release – ScoutSuite 5.11.0
We’re proud to announce the release of a new version of our open-source, m...
2022-3-17 01:39:58 | 阅读: 50 |
收藏
|
research.nccgroup.com
cloud
github
scout
1added
Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582)
Vendor: AppleVendor URL: https://www.apple.com/Systems Affected: macOS M...
2022-3-16 03:34:53 | 阅读: 43 |
收藏
|
research.nccgroup.com
xar
richard
30833
security
warren
Microsoft announces the WMIC command is being retired, Long Live PowerShell
Category: Detection and Threat HuntingWhat is WMIC?The Windows Management Instrumen...
2022-3-10 09:15:37 | 阅读: 39 |
收藏
|
research.nccgroup.com
powershell
windows
winlog
malicious
microsoft
SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store
Authors:Alberto Segura, Malware analystRolf Govers, Malware analyst & Forensic IT Ex...
2022-3-4 03:5:4 | 阅读: 34 |
收藏
|
research.nccgroup.com
sharkbot
c2
ats
transfers
BrokenPrint: A Netgear stack overflow
SummaryVulnerability detailsBackground on ReadySHAREReaching the vulnerable memcpy()Reachi...
2022-2-28 20:43:54 | 阅读: 24 |
收藏
|
research.nccgroup.com
client
kc
buf2
dcd
printer
Conference Talks – March 2022
This month, members of NCC Group will be presenting their work at the following conferences:...
2022-2-28 16:30:0 | 阅读: 15 |
收藏
|
research.nccgroup.com
snap
security
microsoft
software
jennifer
Hardware & Embedded Systems: A little early effort in security can return a huge payoff
Editor’s note: This piece was originally published by embedded.com There’s no shortage o...
2022-2-23 05:5:22 | 阅读: 13 |
收藏
|
research.nccgroup.com
security
development
firmware
hardware
memory
Public Report – O(1) Labs Mina Client SDK, Signature Library and Base Components Cryptography and Implementation Review
During October 2021, O(1) Labs engaged NCC Group’s Cryptography Services t...
2022-2-23 02:49:34 | 阅读: 15 |
收藏
|
research.nccgroup.com
fernick
jennifer
mina
ocaml
consultants
Analyzing a PJL directory traversal vulnerability – exploiting the Lexmark MC3224i printer (part 2)
SummaryYou said "Reverse Engineering"?Vulnerability detailsBackgroundReaching the vulnerable f...
2022-2-18 17:53:28 | 阅读: 49 |
收藏
|
research.nccgroup.com
pjl
abrt
crash
ssh
Shaking The Foundation of An Online Collaboration Tool: Microsoft 365 Top 5 Attacks vs the CIS Microsoft 365 Foundation Benchmark
As one of the proud contributors to the Center for Internet Security (CIS) Microsoft 365 Foundat...
2022-2-18 16:30:0 | 阅读: 22 |
收藏
|
research.nccgroup.com
microsoft
phishing
defender
spamming
cloud
Bypassing software update package encryption – extracting the Lexmark MC3224i printer firmware (part 1)
Written by Catalin VisinescuOn November 3, 2021, Zero Day Initiative Pwn2Own announced that NCC Gr...
2022-2-17 18:25:41 | 阅读: 73 |
收藏
|
research.nccgroup.com
cvisinescu
ubi
ubi0
vol
ubifs
Detecting Karakurt – an extortion focused threat actor
Authored by: Simon Biggs, Richard Footman and Michael Mullentl;drN...
2022-2-17 18:9:42 | 阅读: 33 |
收藏
|
research.nccgroup.com
karakurt
utilised
cirt
strongly
BAT: a Fast and Small Key Encapsulation Mechanism
In this post we present a newly published key encapsulation mechanism (KEM) called BAT. It is a...
2022-2-15 02:39:1 | 阅读: 21 |
收藏
|
research.nccgroup.com
kem
lattice
saber
Previous
11
12
13
14
15
16
17
18
Next