unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
NSA & CISA Kubernetes Security Guidance – A Critical Review
Last month, the United States’ National Security Agency (NSA) and Cybersecurity and Infrastructu...
2021-09-10 00:08:21 | 阅读: 42 |
收藏
|
research.nccgroup.com
kubernetes
security
ctr
psp
Technical Advisory – New York State Excelsior Pass Vaccine Passport Scanner App Sends Data to a Third Party not Specified in Privacy Policy
Vendor: New York StateVendor URL: https://covid19vaccine.health.ny.gov/ex...
2021-09-02 04:05:15 | 阅读: 43 |
收藏
|
research.nccgroup.com
nys
excelsior
dan
doh
hastings
Technical Advisory – New York State Excelsior Pass Vaccine Passport Credential Forgery
Vendor: New York StateVendor URL: https://play.google.com/store/apps/deta...
2021-09-02 04:05:12 | 阅读: 62 |
收藏
|
research.nccgroup.com
nys
vaccine
excelsior
doh
adukia
Conference Talks – September 2021
This month, members of NCC Group will be presenting their work at the foll...
2021-08-31 17:08:14 | 阅读: 40 |
收藏
|
research.nccgroup.com
sept
telephony
security
network
The ABCs of NFC chip security
tl;drNFC tags are becoming increasingly more common in everyday use cases such as: Publi...
2021-08-31 07:34:51 | 阅读: 24 |
收藏
|
research.nccgroup.com
security
memory
chip
nxp
ndef
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 2
In part 1 the aim was to cover the following:An overview of the vulnerability assigned CVE-2...
2021-08-17 17:05:41 | 阅读: 68 |
收藏
|
research.nccgroup.com
wnf
fffff805
ffffeb0f
ffffdc87
0x278
Disabling Office Macros to Reduce Malware Infections
Category: Reduction/PreventionDocument macros have gone in and ou...
2021-08-17 02:38:15 | 阅读: 50 |
收藏
|
research.nccgroup.com
macros
microsoft
malicious
cloud
windows
Some Musings on Common (eBPF) Linux Tracing Bugs
Having been in the game of auditing kprobe-based tracers for the past couple of years, and in li...
2021-08-06 13:54:28 | 阅读: 40 |
收藏
|
research.nccgroup.com
tid
checker
sched
pathname
2266209
Technical Advisory: Pulse Connect Secure – RCE via Uncontrolled Archive Extraction – CVE-2021-22937 (Patch Bypass)
Vendor: Ivanti Pulse SecureVendor URL: https://www.pulsesecure.net/Versions affected: Pulse Co...
2021-08-06 00:59:00 | 阅读: 158 |
收藏
|
research.nccgroup.com
pulse
pcs
8260
ivanti
hackerone
Technical Advisory – Sunhillo SureLine Unauthenticated OS Command Injection (CVE-2021-36380)
Vendor: Sunhillo Vendor URL: https://www.sunhillo.com/ Versions affected...
2021-07-27 00:28:47 | 阅读: 84 |
收藏
|
research.nccgroup.com
attacker
sunhillo
sureline
liam
glanfield
Practical Considerations of Right-to-Repair Legislation
BackgroundFor some time there has been a growing movement amongst consumers who wish to repa...
2021-07-24 00:02:39 | 阅读: 75 |
收藏
|
research.nccgroup.com
security
repair
firmware
oems
oem
Technical Advisory – ICTFAX 7-4 – Indirect Object Reference
Vendor: ICTFAXVendor URL: https://www.ictfax.orgVersions affected: ICTFa...
2021-07-23 07:15:21 | 阅读: 104 |
收藏
|
research.nccgroup.com
ictfax
ict
innovations
developer
Detecting and Hunting for the Malicious NetFilter Driver
Category: Detection and Threat HuntingDuring the week of June 21s...
2021-07-17 06:26:10 | 阅读: 118 |
收藏
|
research.nccgroup.com
malicious
windows
microsoft
netfilter
username
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 1
Recently I decided to take a look at CVE-2021-31956, a local privilege escalation within Win...
2021-07-15 21:07:13 | 阅读: 94 |
收藏
|
research.nccgroup.com
wnf
44444444
0x000
Technical Advisory: Stored and Reflected XSS Vulnerability in Nagios Log Server (CVE-2021-35478,CVE-2021-35479)
Vendor: NagiosVendor URL: https://www.nagios.com/Versions affected: >= 2...
2021-07-14 14:35:32 | 阅读: 49 |
收藏
|
research.nccgroup.com
nagios
liew
35478
NCC Group Research at Black Hat USA 2021 and DEF CON 29
This year, NCC Group researchers will be presenting 10 presentations at Black Hat USA (2 Briefin...
2021-07-12 19:00:00 | 阅读: 103 |
收藏
|
research.nccgroup.com
security
pmapper
analysis
solitude
usa
Alternative Approaches for Fault Injection Countermeasures (Part 3/3)
Authors: Jeremy Boone, Sultan Qasim KhanIn the previous blog post we described a set of soft...
2021-07-10 01:00:00 | 阅读: 113 |
收藏
|
research.nccgroup.com
software
cfi
duplication
hardware
injection
Software-Based Fault Injection Countermeasures (Part 2/3)
Authors: Jeremy Boone, Sultan Qasim Khan This blog post is a continuation of part 1, which i...
2021-07-09 01:00:00 | 阅读: 83 |
收藏
|
research.nccgroup.com
glitch
redundant
volatile
reg32
software
An Introduction to Fault Injection (Part 1/3)
Authors: Jeremy Boone, Sultan Qasim KhanThough the techniques have existed for some time, in...
2021-07-08 01:00:00 | 阅读: 108 |
收藏
|
research.nccgroup.com
injection
glitch
glitching
clock
voltage
Technical Advisory – Arbitrary File Read in Dell Wyse Management Suite (CVE-2021-21586, CVE-2021-21587)
Vendor: DellVendor URL: https://www.dell.com/support/home/en-us/product-s...
2021-07-07 06:54:04 | 阅读: 106 |
收藏
|
research.nccgroup.com
wms
thin
ccm
wyse
database
Previous
15
16
17
18
19
20
21
22
Next