Technical Advisory: SMB Hash Hijacking and User Tracking in MS Outlook
Research Cyber Security Technical advisories Vendor: Microsoft Vendor URL: https://www.microsoft.com/ Systems Affected: Microsoft Outlook Author: Soroush Dalili CVE Identifiers: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8572, https://portal.msrc.microsoft.com/en-US/…
Public Report – VPN by Google One: Technical Security & Privacy Assessment
Research Public Reports During the fourth calendar quarter of 2020 and the first calendar quarter of 2021, NCC Group conducted an in-depth review of the VPN by Google One virtual private network system. The focus of the engagement was to assess the product’s technical security properties and review…
Oracle Forensics Part 4: Live Response
Research Cyber Security Whitepapers This paper is the 4th in a series of papers covering Oracle forensics. In this paper David Litchfield will cover reactions to a security incident occurring. For many organisations without a plan of action in the event of a security incident the instinctive respon…
NCC Group placed first in global 5G Cyber Security Hack competition
Research Research 5G Security & Smart Environments Awards & Recognition In June of this year, Traficom – the Finnish transport and communications agency – along with the Aalto University, Cisco, Ericsson, Nokia, and PwC, organized the 5G Cyber Security Hack competition. A similar event was organised…
Nagios XI Network Monitor – Stored and Reflective XSS
Research Cyber Security Technical advisories Summary Name: Nagios XI Network Monitor – Stored and Reflective XSS Release Date: 30 November 2012 Reference: NGS00195 Discoverer: Daniel Compton Vendor: Nagios Vendor Reference: 0000284 Systems Affected: 2011R1.9 Risk: High Status: Published TimeLine Di…
Oracle Forensics Part 3: Isolating Evidence of Attacks Against the Authentication Mechanism
Research Cyber Security Whitepapers This paper is the 3rd in a series of papers by David Litchfield exploring the topic of Oracle Forensics. In this installment David will be looking at ways to understand if a breach has been successful. The paper will start by exploring attacks against the authenti…
Nagios XI Network Monitor Stored and Reflected XSS
Research Cyber Security Patch notifications This patch notification details a high risk vulnerability discovered by Daniel Compton in Nagios XI Network Monitor. Download patch notification NCC Group Publication Archive
NCC Con Europe 2016
Research Conferences This week more than 300 NCC Group consultants and colleagues gathered in Dublin for NCC Con Europe 2016. People came from all over the world for the event, including from the Group’s European, Canadian, Australian, and even US offices. Delegates waiting to hear the keynote by Ro…
Practical Considerations of Right-to
Research Research Hardware & Embedded Systems Public interest technology Current events Technology Policy Background For some time there has been a growing movement amongst consumers who wish to repair their own devices in a cost effective manner, motivated to reduce their expenses, and reduce e-was…
SMB hash hijacking & user tracking in MS Outlook
Research Vulnerability Brief description Microsoft (MS) Outlook could be abused to send SMB handshakes externally after a victim opened or simply viewed an email. A WebDAV request was sent even when the SMB port was blocked. This could be used to crack a victim’s password when the SMB hash was sent…
Kivlad
Research Public tools Kivlad is a decompiler for Android’s Dalvik binaries, with a highly customizable web-based navigation interface. Unlike existing decompilers for Dalvik, it works natively on Dalvik bytecode rather than converting back to Java bytecode; this means much higher quality results. Al…
Software
Research Research Hardware & Embedded Systems Authors: Jeremy Boone, Sultan Qasim Khan This blog post is a continuation of part 1, which introduced the concept of fault injection attacks. You can read that prior post here. When advising our clients on the matter of fault injection (FI), we are ofte…
Jailbreak, updated and open
Research Research iSec Partners This research was originally performed by researchers from iSec Partners (now NCC Group), and has been migrated to research.nccgroup.com for posterity. Jailbreak, updated and open-sourced 19 Jan 2015 – Jason Copenhaver Jailbreak allows a user to export certificates fr…
Java Web Start File Inclusion via System Properties Override
Research Research Technical advisories VSR Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Java Web Start File Inclusion via System Properties Override Release Date: 2008-12-03…
Sobelow: Static analysis for the Phoenix Framework
Research Public tools Sobelow is the first security‐focused static analysis tool for the Phoenix framework. For security researchers, it is a useful tool for getting a quick view of points‐of‐interest. For project maintainers, it can be used to prevent the introduction of a number of common vulnerabi…
Software Security Austerity Security Debt in Modern Software Development
Research Cyber Security Presentations These slides come from Ollie Whitehouse’s presentation “Software Security Austerity Security Debt in Modern Software Development” that he gave at 44Con in 2012. In this presentation Ollie will explain software security debt and ways that this debt can be managed…
SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store
Research Uncategorized Authors: Alberto Segura, Malware analyst Rolf Govers, Malware analyst Forensic IT Expert NCC Group, as well as many other researchers noticed a rise in Android malware last year, especially Android banking malware. Within the Threat Intelligence team of NCC Group we’re looking…
Setting a New Standard for Kubernetes Deployments
Research Cloud & Containerization The Center for Internet Security (CIS) has recently released a new benchmark standard for Kubernetes deployments, providing a vendor-neutral benchmark to help companies assess against good security practices. Kubernetes is a key player in the containerisation techno…
SecureBigIP
Research Public tools SecureBigIP is a command line tool to analyze the management security aspects of an F5 Big IP Load Balancer. Prerequisites: Win32 Download Tool NCC Group Publication Archive
Secure Device Manufacturing: Supply Chain Security Resilience
Research Hardware & Embedded Systems Whitepapers Today the production of hardware devices involves multiple suppliers at various stages of the production and support lifecycle. There is no electronics manufacturer who manufactures every single component of a device in their own factory. As such, and…
Singularity of Origin
Research Public tools Singularity of Origin is a robust and easy-to-use tool to perform DNS rebinding attacks. It consists of a DNS and a web server, a web interface to configure and launch an attack, and sample attack payloads. We plan to support this tool and continue to add features and payloads.…
Mallory and Me: Setting up a Mobile Mallory Gateway
Research Public tools Over the past few months, we have put Mallory through its paces. Scores of mobile applications have had their network streams MiTMd by Mallory. It has become one of a few important tools that we use on a daily basis. Because we use it so often, we sometimes forget that it may s…
Secure Device Provisioning Best Practices: Heavy Truck Edition
Research Hardware & Embedded Systems Whitepapers Transport The complexities of the heavy truck ecosystem pose challenges to the security of the ECU networks contained within the vehicles. This paper describes some of the major sources of complexity, and how each can be addressed to design and imple…
Samba _netr_ServerPasswordSet Exploitability Analysis
Research Reverse Engineering Vulnerability Threat Intelligence tl;dr This is my analysis of the recent pre-auth Samba remote tracked by CVE-2015-0240[1]. It doesn’t appear to be very exploitable to me, but I’d love to be proven wrong. Note that since the time when I originally did this analysis some…