NCC Group Research Blog
The CIS Security Standard for Docker available now
6 months 3 weeks ago
The Case of Missing File Extensions
6 months 3 weeks ago
The CERT® C Coding Standard, Second Edition: 98 Rules for Developing Safe, Reliable, and Secure Systems
6 months 3 weeks ago
The Automotive Threat Modeling Template
6 months 3 weeks ago
The Browser Hacker’s Handbook
6 months 3 weeks ago
The 9 Lives of Bleichenbacher’s CAT: New Cache ATtacks on TLS Implementations
6 months 3 weeks ago
The ABCs of NFC chip security
6 months 3 weeks ago
Testing Infrastructure-as-Code Using Dynamic Tooling
6 months 3 weeks ago
Testing Two-Factor Authentication
6 months 3 weeks ago
Testing HTTP/2 only web services
6 months 3 weeks ago
Technical Advisory: Unauthenticated Remote Command Execution through Multiple Vulnerabilities in Virgin Media Hub 3.0
6 months 3 weeks ago
Technical Advisory: Unauthenticated SQL Injection in Lansweeper
6 months 3 weeks ago
Technical Advisory: Sonos Era 100 Secure Boot Bypass Through Unchecked setenv() call
6 months 3 weeks ago
Technical Advisory: SQL Injection and Reflected Cross-Site Scripting (XSS) Vulnerabilities in Oracle Communications Diameter Signaling Router (CVE-2020-14787, CVE-2020-14788)
6 months 3 weeks ago
Technical Advisory: Stored and Reflected XSS Vulnerability in Nagios Log Server (CVE-2021-35478,CVE-2021-35479)
6 months 3 weeks ago
Technical Advisory: Shell Injection in SourceTree
6 months 3 weeks ago
Technical Advisory: SMB Hash Hijacking and User Tracking in MS Outlook
6 months 3 weeks ago
Technical Advisory: Ruby on Rails – Possible XSS Vulnerability in ActionView tag helpers (CVE-2022-27777)
6 months 3 weeks ago
Technical Advisory: Shell Injection in MacVim mvim URI Handler
6 months 3 weeks ago
Checked
2 hours 37 minutes ago