NCC Group Research Blog
The Automotive Threat Modeling Template
5 months 2 weeks ago
The Browser Hacker’s Handbook
5 months 2 weeks ago
The 9 Lives of Bleichenbacher’s CAT: New Cache ATtacks on TLS Implementations
5 months 2 weeks ago
The ABCs of NFC chip security
5 months 2 weeks ago
Testing Infrastructure-as-Code Using Dynamic Tooling
5 months 2 weeks ago
Testing Two-Factor Authentication
5 months 2 weeks ago
Testing HTTP/2 only web services
5 months 2 weeks ago
Technical Advisory: Unauthenticated Remote Command Execution through Multiple Vulnerabilities in Virgin Media Hub 3.0
5 months 2 weeks ago
Technical Advisory: Unauthenticated SQL Injection in Lansweeper
5 months 2 weeks ago
Technical Advisory: Sonos Era 100 Secure Boot Bypass Through Unchecked setenv() call
5 months 2 weeks ago
Technical Advisory: SQL Injection and Reflected Cross-Site Scripting (XSS) Vulnerabilities in Oracle Communications Diameter Signaling Router (CVE-2020-14787, CVE-2020-14788)
5 months 2 weeks ago
Technical Advisory: Stored and Reflected XSS Vulnerability in Nagios Log Server (CVE-2021-35478,CVE-2021-35479)
5 months 2 weeks ago
Technical Advisory: Shell Injection in SourceTree
5 months 2 weeks ago
Technical Advisory: SMB Hash Hijacking and User Tracking in MS Outlook
5 months 2 weeks ago
Technical Advisory: Ruby on Rails – Possible XSS Vulnerability in ActionView tag helpers (CVE-2022-27777)
5 months 2 weeks ago
Technical Advisory: Shell Injection in MacVim mvim URI Handler
5 months 2 weeks ago
Technical Advisory: Pulse Connect Secure – RCE via Uncontrolled Gzip Extraction (CVE-2020-8260)
5 months 2 weeks ago
Technical Advisory: Reflected Cross-Site Scripting (XSS) vulnerability in Jenkins Delivery Pipeline plugin
5 months 2 weeks ago
Technical advisory: Remote shell commands execution in ttyd
5 months 2 weeks ago
Checked
4 hours 7 minutes ago