Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
5 résultats taggé nccgroup  ✕
Not so lucky: BlackCat is back! https://research.nccgroup.com/2023/10/31/unveiling-the-dark-side-a-deep-dive-into-active-ransomware-families/
06/11/2023 18:35:02
QRCode
archive.org
thumbnail

While the main trend in the cyber threat landscape in recent months has been MoveIt and Cl0p, NCC Groups’ Cyber Incident Response Team have also been handling multiple different ransomware groups over the same period.

In the ever-evolving cybersecurity landscape, one consistent trend witnessed in recent years is the unsettling rise in ransomware attacks. These nefarious acts of digital extortion have left countless victims scrambling to safeguard their data, resources, and even their livelihoods. To counter this threat, every person in the cyber security theatre has a responsibility to shine light on current threat actor Tactics, Techniques and Procedures (TTP’S) to assist in improving defences and the overall threat landscape.

nccgroup EN 2023 TTP BlackCat D0nut Medusa NoEscape
Technical Advisory – SonicWall Global Management System (GMS) & Analytics – Multiple Critical Vulnerabilities https://research.nccgroup.com/2023/08/24/technical-advisory-sonicwall-global-management-system-gms-analytics-multiple-critical-vulnerabilities/
25/08/2023 11:36:28
QRCode
archive.org
thumbnail

Multiple Unauthenticated SQL Injection Issues & Security Filter Bypass – CVE-2023-34133 Title: Multiple Unauthenticated SQL Injection Issues & Security Filter Bypass Risk: 9.8 (Critic…

nccgroup EN SonicWall GMS CVE-2023-34133 CVE-2023-34124
Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434) https://research.nccgroup.com/2023/01/20/technical-advisory-multiple-vulnerabilities-in-the-galaxy-app-store-cve-2023-21433-cve-2023-21434/
21/01/2023 14:37:26
QRCode
archive.org
thumbnail

The Galaxy App Store is an alternative application store that comes pre-installed on Samsung Android devices. Several Android applications are available on both the Galaxy App Store and Google App Store, and users have the option to use either store to install specific applications. Two vulnerabilities were uncovered with the Galaxy App Store application: Technical…

nccgroup EN 2023 Samsung Galaxy App Store Android Advisory CVE-2023-21433 CVE-2023-21434
A glimpse into the shadowy realm of a Chinese APT: detailed analysis of a ShadowPad intrusion – NCC Group Research https://research.nccgroup.com/2022/09/30/a-glimpse-into-the-shadowy-realm-of-a-chinese-apt-detailed-analysis-of-a-shadowpad-intrusion/
03/10/2022 21:21:19
QRCode
archive.org
thumbnail

This post explores some of the TTPs employed by a threat actor who was observed deploying ShadowPad during an incident response engagement.

nccgroup EN 2022 TTP research ShadowPad CVE-2022-29464 secur32.dll
Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121) https://research.nccgroup.com/2022/03/24/remote-code-execution-on-western-digital-pr4100-nas-cve-2022-23121/
24/05/2022 08:22:41
QRCode
archive.org
thumbnail

This blog post describes an unchecked return value vulnerability found and exploited in September 2021 by Alex Plaskett, Cedric Halbronn and Aaron Adams working at the Exploit Development Group (EDG) of NCC Group. We successfully exploited it at Pwn2Own 2021 competition in November 2021 when targeting the Western Digital PR4100.

CVE-2022-23121 nccgroup EN 2022 Netatalk WesternDigital vulnerability AppleDouble
4481 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio