unSafe.sh - Not Safe
North Korea’s Lazarus: their initial access trade-craft using social media and social engineering
Authored by: Michael Matthews and Nikolaos Pantazopoulos This blog post documents some o...
2022-5-5 16:20:43 | Views: 77
research.nccgroup.com
network
malicious
payload
analysis
security
Adventures in the land of BumbleBee – a new malicious loader
Authored by: Mike Stokkel, Nikolaos Totosis and Nikolaos Pantazopoulos...
2022-4-29 18:54:58 | Views: 23
research.nccgroup.com
bumblebee
network
loader
analysis
windows
LAPSUS$: Recent techniques, tactics and procedures
Authored by: David Brown, Michael Matthews and Rob Smallridge tl;dr...
2022-4-28 17:55:15 | Views: 24
research.nccgroup.com
lapsus
victim
cloud
remote
network
Real World Cryptography Conference 2022
The IACR’s annual Real World Cryptography (RWC) conference took place in Amsterdam a few weeks a...
2022-4-26 21:0:0 | Views: 26
research.nccgroup.com
security
encryption
pq
client
ecdsa
Mitigating the top 10 security threats to GCP using the CIS Google Cloud Platform Foundation Benchmark
As one of the proud contributors to the newest version of the CIS Google Cloud Platform Foundati...
2022-4-21 00:47:18 | Views: 25
research.nccgroup.com
cloud
security
metric
network
A brief look at Windows telemetry: CIT aka Customer Interaction Tracker
tl;dr Windows version up to at least version 7 contained a telemetry source called Customer I...
2022-4-12 22:6:46 | Views: 28
research.nccgroup.com
cit
bitmaps
windows
filetime
Public Report – Google Enterprise API Security Assessment
During the autumn of 2021, Google engaged NCC Group to perform a review of...
2022-4-8 04:6:20 | Views: 32
research.nccgroup.com
jennifer
fernick
stig
criteria
Conti-nuation: methods and techniques observed in operations post the leaks
Authored by: Nikolaos Pantazopoulos, Alex Jessop and Simon Biggs Execu...
2022-3-31 20:57:16 | Views: 20
research.nccgroup.com
ransomware
network
cobalt
lateral
windows
Whitepaper – Double Fetch Vulnerabilities in C and C++
Double fetch vulnerabilities in C and C++ have been known about for a numb...
2022-3-28 21:0:0 | Views: 28
research.nccgroup.com
whitepaper
varying
outcomes
draws
Mining data from Cobalt Strike beacons
Since we published about identifying Cobalt Strike Team Servers in the wild just over three year...
2022-3-26 00:18:44 | Views: 43
research.nccgroup.com
beacon
cobalt
beacons
dissect
Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)
Mooncake Exploit This blog post describes an unchecked return value vulnerability found and...
2022-3-24 21:13:5 | Views: 148
research.nccgroup.com
afp
dsi
netatalk
adouble
eid
Tool Release – ScoutSuite 5.11.0
We’re proud to announce the release of a new version of our open-source, m...
2022-3-17 01:39:58 | Views: 50
research.nccgroup.com
cloud
github
scout
1added
Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582)
Vendor: Apple Vendor URL: https://www.apple.com/ Systems Affected: macOS M...
2022-3-16 03:34:53 | Views: 43
research.nccgroup.com
xar
richard
30833
security
warren
Microsoft announces the WMIC command is being retired, Long Live PowerShell
Category: Detection and Threat Hunting What is WMIC? The Windows Management Instrumen...
2022-3-10 09:15:37 | Views: 39
research.nccgroup.com
powershell
windows
winlog
malicious
microsoft
SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store
Authors: Alberto Segura, Malware analyst; Rolf Govers, Malware analyst & Forensic IT Ex...
2022-3-4 03:5:4 | Views: 34
research.nccgroup.com
sharkbot
c2
ats
transfers
BrokenPrint: A Netgear stack overflow
Summary / Vulnerability details / Background on ReadySHARE / Reaching the vulnerable memcpy() / Reachi...
2022-2-28 20:43:54 | Views: 24
research.nccgroup.com
client
kc
buf2
dcd
printer
Conference Talks – March 2022
This month, members of NCC Group will be presenting their work at the following conferences:...
2022-2-28 16:30:0 | Views: 15
research.nccgroup.com
snap
security
microsoft
software
jennifer
Hardware & Embedded Systems: A little early effort in security can return a huge payoff
Editor’s note: This piece was originally published by embedded.com There’s no shortage o...
2022-2-23 05:5:22 | Views: 13
research.nccgroup.com
security
development
firmware
hardware
memory
Public Report – O(1) Labs Mina Client SDK, Signature Library and Base Components Cryptography and Implementation Review
During October 2021, O(1) Labs engaged NCC Group’s Cryptography Services t...
2022-2-23 02:49:34 | Views: 15
research.nccgroup.com
fernick
jennifer
mina
ocaml
consultants
Analyzing a PJL directory traversal vulnerability – exploiting the Lexmark MC3224i printer (part 2)
Summary / You said "Reverse Engineering"? / Vulnerability details / Background / Reaching the vulnerable f...
2022-2-18 17:53:28 | Views: 49
research.nccgroup.com
pjl
abrt
crash
ssh