unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Exploiting the Sudo Baron Samedit vulnerability (CVE-2021-3156) on VMWare vCenter Server 7.0
I was going to name this blog: "libptmalloc, one tool to rule glibc" :). I am writing this blog for...
2021-07-06 20:09:28 | 阅读: 160 |
收藏
|
research.nccgroup.com
sudoers
0x00040
cmnd
photon
ph3
Technical Advisory – Shop app sends pasteboard data to Shopify’s servers
Vendor: ShopifyVendor URL: https://shop.app/Versions affected: Shop Andr...
2021-07-03 07:36:00 | 阅读: 136 |
收藏
|
research.nccgroup.com
shopify
pasteboard
shop
clipboard
meets
Tool Release – Reliably-checked String Library Binding
by Robert C. SeacordReliably-checked Strings is a library binding I created that use...
2021-07-03 01:14:17 | 阅读: 95 |
收藏
|
research.nccgroup.com
rcs
strcpy
str1
iec
str2
Are you oversharing (in Salesforce)? Our new tool could sniff it out!
Unauthorised access to data is a primary concern of clients who commission a Salesforce assessme...
2021-06-29 00:51:58 | 阅读: 107 |
收藏
|
research.nccgroup.com
salesforce
raccoon
owd
adam
centre
Exploit mitigations: keeping up with evolving and complex software/hardware
TL;DRCheckout here!MotivationsIt has become challenging to fol...
2021-06-28 19:35:03 | 阅读: 111 |
收藏
|
research.nccgroup.com
windows
software
backported
hardware
filling
NCC Group co-signs the Electronic Frontier Foundation’s Statement on DMCA Use Against Security Researchers
Today, NCC Group alongside a number of security firms and technology organ...
2021-06-24 05:33:55 | 阅读: 105 |
收藏
|
research.nccgroup.com
security
1201
software
faith
Handy guide to a new Fivehands ransomware variant
by Michael Matthews and William Backhouse tl;drNCC Group’s Incident Response team observ...
2021-06-16 01:42:08 | 阅读: 176 |
收藏
|
research.nccgroup.com
ransomware
network
remote
pcloud
cloud
On the Use of Pedersen Commitments for Confidential Payments
The increased adoption of financial blockchains has fueled a lot of cryptography research in rec...
2021-06-15 17:00:00 | 阅读: 164 |
收藏
|
research.nccgroup.com
elgamal
proofs
encryption
commitment
zether
Incremental Machine Leaning by Example: Detecting Suspicious Activity with Zeek Data Streams, River, and JA3 Hashes
tl:drIncremental Learning is an extremely useful machine learning paradigm for deriving...
2021-06-14 17:00:00 | 阅读: 169 |
收藏
|
research.nccgroup.com
ja3
rarity
incremental
rare
zeek
Testing Two-Factor Authentication
More and more applications we test are implementing some form of two-factor authentication (2FA,...
2021-06-10 20:00:00 | 阅读: 141 |
收藏
|
research.nccgroup.com
security
webauthn
attacker
totp
Optimizing Pairing-Based Cryptography: Montgomery Arithmetic in Rust
This is the first blog post in a new code-centric series about selected optimizations found in p...
2021-06-09 17:00:00 | 阅读: 159 |
收藏
|
research.nccgroup.com
reduction
montgomery
subtraction
modulus
Research Paper – Machine Learning for Static Malware Analysis, with University College London
For the past few years, NCC Group has been an industry partner to the Centre for Doctoral Traini...
2021-06-07 19:00:00 | 阅读: 135 |
收藏
|
research.nccgroup.com
malicious
machine
analysis
windows
london
Conference Talks – June 2021
This month, members of NCC Group will be presenting their work at the foll...
2021-06-05 22:00:00 | 阅读: 131 |
收藏
|
research.nccgroup.com
forest
security
forests
trusts
virtualjune
Public Report – Protocol Labs Groth16 Proof Aggregation: Cryptography and Implementation Review
During April 2021, Protocol Labs engaged NCC Group’s Cryptography Services...
2021-06-05 02:43:47 | 阅读: 147 |
收藏
|
research.nccgroup.com
groth16
tau
bellperson
powers
transcripts
iOS User Enrollment and Trusted Certificates
tl;drThe User Enrollment MDM option added with iOS 13 does not restrict MDM-deployed certifi...
2021-06-05 01:35:45 | 阅读: 125 |
收藏
|
research.nccgroup.com
mdm
enrollment
byod
phones
network
Detecting Rclone – An Effective Tool for Exfiltration
NCC Group’s Cyber Incident Response Team (CIRT) have responded to a large...
2021-05-27 19:01:33 | 阅读: 225 |
收藏
|
research.nccgroup.com
mega
sigma
remote
breakdown
nz
Supply Chain Security Begins with Secure Software Development
by Robert C. SeacordComponent-based Software DevelopmentSupply chain security is a compl...
2021-05-20 20:00:00 | 阅读: 158 |
收藏
|
research.nccgroup.com
software
attestation
security
artifact
conformance
Using UUIDs for Authorization is Dangerous (even if they’re cryptographically random)
Authorization vulnerabilities continue to be one of the largest and most difficult to remediate...
2021-05-10 18:00:00 | 阅读: 168 |
收藏
|
research.nccgroup.com
uuids
attacker
unguessable
toxic
shouldn
Public Report – Dell Secured Component Verification
During February 2021, Dell engaged NCC Group to conduct a security assessm...
2021-05-05 21:30:00 | 阅读: 149 |
收藏
|
research.nccgroup.com
dell
security
hardware
network
scv
Conference Talks – May 2021
This month, members of NCC Group will be presenting their work at the foll...
2021-04-30 17:00:00 | 阅读: 294 |
收藏
|
research.nccgroup.com
druby
security
northsec
hardware
Previous
16
17
18
19
20
21
22
23
Next