NCC Group Research Blog
Cyber Essentials Scheme
4 months 2 weeks ago
CVE-2019-1405 and CVE-2019-1322 – Elevation to SYSTEM via the UPnP Device Host Service and the Update Orchestrator Service
4 months 2 weeks ago
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 1
4 months 2 weeks ago
CVE-2018-8611 Exploiting Windows KTM Part 3/5 – Triggering the race condition and debugging tricks
4 months 2 weeks ago
CVE-2018-8611 Exploiting Windows KTM Part 4/5 – From race win to kernel read and write primitive
4 months 2 weeks ago
CVE-2018-8611 Exploiting Windows KTM Part 5/5 – Vulnerability detection and a better read/write primitive
4 months 2 weeks ago
CVE-2018-8611 Exploiting Windows KTM Part 1/5 – Introduction
4 months 2 weeks ago
CVE-2018-8611 Exploiting Windows KTM Part 2/5 – Patch analysis and basic triggering
4 months 2 weeks ago
Curve9767 and Fast Signature Verification
4 months 2 weeks ago
CVE-2017-8570 RTF and the Sisfader RAT
4 months 2 weeks ago
CVE-2018-8611 – Diving into the Windows Kernel Transaction Manager (KTM) for fun and exploitation
4 months 2 weeks ago
Cryptopals: Exploiting CBC Padding Oracles
4 months 2 weeks ago
Cups-filters remote code execution
4 months 2 weeks ago
Critical Risk Vulnerability in SAP Message Server (Heap Overflow)
4 months 2 weeks ago
Cross Site Request Forgery: An Introduction to a Common Web Application Weakness
4 months 2 weeks ago
Cross-Execute Your Linux Binaries, Don’t Cross-Compile Them
4 months 2 weeks ago
Critical Risk Vulnerability in Ingres (Pointer Overwrite 2)
4 months 2 weeks ago
Critical Risk Vulnerability in SAP DB Web Server (Stack Overflow)
4 months 2 weeks ago
Creating Arbitrary Shellcode In Unicode Expanded Strings
4 months 2 weeks ago
Checked
7 hours 31 minutes ago