US Blog RSS Feed https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/ en Wed, 29 Nov 2017 02:00:00 GMT (c) Copyright 2017 NCC Group https://www.nccgroup.trust/globalassets/website-wide/rss-feed/ncc_small_icon.png US Blog RSS Feed https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/ 30 30 <![CDATA[Eggplant AI from Testplant: No test automation experience, no problem]]> At the start of November, Testplant launched Eggplant AI, a brand new addition to the digital test specialist’s Eggplant...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/november/eggplant-ai-from-testplant-no-test-automation-experience-no-problem/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/november/eggplant-ai-from-testplant-no-test-automation-experience-no-problem/ Wed, 29 Nov 2017 02:00:00 GMT <![CDATA[Kubernetes security: Consider your threat model]]> One of the questions that I've been asked on multiple occasions when presenting on Kubernetes security is...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/november/kubernetes-security-consider-your-threat-model/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/november/kubernetes-security-consider-your-threat-model/ Thu, 23 Nov 2017 02:00:00 GMT <![CDATA[Common security issues in Azure & the importance of configuring your cloud environment]]> Azure audits (or Azure configuration reviews) are slowly becoming more common as larger organisations move their infrastructure...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/november/common-security-issues-in-azure-and-the-importance-of-configuring-your-cloud-environment/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/november/common-security-issues-in-azure-and-the-importance-of-configuring-your-cloud-environment/ Tue, 21 Nov 2017 02:00:00 GMT <![CDATA[Cisco ASA series part eight: Exploiting the CVE-2016-1287 heap overflow over IKEv1]]> Exodus Intel released how they exploited [1] CVE-2016-1287 for IKEv2 in February 2016, but there wasn't anything public for...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/november/cisco-asa-series-part-eight-exploiting-the-cve-2016-1287-heap-overflow-over-ikev1/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/november/cisco-asa-series-part-eight-exploiting-the-cve-2016-1287-heap-overflow-over-ikev1/ Fri, 10 Nov 2017 02:00:00 GMT <![CDATA[Cisco ASA series part seven: Checkheaps]]> As a part of our ongoing series we would like to talk about Cisco's Checkheaps security and stability mechanism. ]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/cisco-asa-series-part-seven-checkheaps/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/cisco-asa-series-part-seven-checkheaps/ Thu, 26 Oct 2017 01:00:00 GMT <![CDATA[Bad Rabbit ransomware hits targets within Eastern Europe]]> As you may have seen in the news, a new ransomware outbreak named Bad Rabbit reached Eastern Europe this week.]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/bad-rabbit-ransomware-hits-targets-within-eastern-europe/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/bad-rabbit-ransomware-hits-targets-within-eastern-europe/ Wed, 25 Oct 2017 02:00:00 GMT <![CDATA[Cisco ASA series part six: Cisco ASA mempools]]> In part six, we document some of the details around Cisco ASA mempools and how the mempool-related functions wrap more...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/cisco-asa-series-part-six-cisco-asa-mempools/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/cisco-asa-series-part-six-cisco-asa-mempools/ Mon, 23 Oct 2017 02:00:00 GMT <![CDATA[Employee Spotlight: Anthony, Principal Security Consultant, Australia]]> Anthony Caulfield, Principal Security Consultant for NCC Group in Sydney, features in our latest Employee Spotlight.]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/employee-spotlight-anthony-principal-security-consultant-australia/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/employee-spotlight-anthony-principal-security-consultant-australia/ Mon, 16 Oct 2017 04:00:00 GMT <![CDATA[Cisco ASA series part five: libptmalloc gdb plugin]]> We're releasing a gdb plugin for analyzing ptmalloc2. This plugin is essentially a fork from an older version of cloudburst's...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/cisco-asa-series-part-five-libptmalloc-gdb-plugin/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/cisco-asa-series-part-five-libptmalloc-gdb-plugin/ Mon, 16 Oct 2017 02:00:00 GMT <![CDATA[Cisco ASA series part four: dlmalloc-2.8.x, libdlmalloc, & dlmalloc on Cisco ASA]]> This article is meant to provide a summary of some key functionality for dlmalloc-2.8.x and introduce a debugging plugin called...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/cisco-asa-series-part-four-dlmalloc-2.8.x-libdlmalloc-and-dlmalloc-on-cisco-asa/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/cisco-asa-series-part-four-dlmalloc-2.8.x-libdlmalloc-and-dlmalloc-on-cisco-asa/ Mon, 09 Oct 2017 02:00:00 GMT <![CDATA[SusanRTTI: an IDAPython plugin for viewing run-time type information]]> Run‐type type information, or RTTI, refers to class information present in compiled C++ binaries. Depending on the class...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/python-class-informer-an-idapython-plugin-for-viewing-run-time-type-information-rtti/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/python-class-informer-an-idapython-plugin-for-viewing-run-time-type-information-rtti/ Thu, 05 Oct 2017 00:00:00 GMT <![CDATA[Decoder Improved Burp Suite Plugin Release, Part 2]]> In the previous blog post, we walked through the primary benefits of using Decoder Improved over the Burp Suite’s built-in...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/decoder-improved-burp-suite-plugin-release-part-2/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/decoder-improved-burp-suite-plugin-release-part-2/ Tue, 03 Oct 2017 00:00:00 GMT <![CDATA[Cisco ASA series part three: Debugging Cisco ASA firmware]]> We have developed a small framework of tools to automate the debugging of most Cisco ASA firmware files using gdb, while...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/cisco-asa-series-part-three-debugging-cisco-asa-firmware/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/october/cisco-asa-series-part-three-debugging-cisco-asa-firmware/ Mon, 02 Oct 2017 01:00:00 GMT <![CDATA[Cisco ASA series part two: Static analysis & datamining of Cisco ASA firmware]]> During our research, we ended up wanting to analyse a large number of Cisco ASA firmware files. Most importantly, we needed to...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/cisco-asa-series-part-two-static-analysis-and-datamining-of-cisco-asa-firmware/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/cisco-asa-series-part-two-static-analysis-and-datamining-of-cisco-asa-firmware/ Mon, 25 Sep 2017 02:00:00 GMT <![CDATA[Cisco ASA series part one: Intro to the Cisco ASA]]> We’ve spent a bunch of time investigating Cisco ASA devices and their firmware while looking into exploiting CVE-2016-1287...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/cisco-asa-series-part-one-intro-to-the-cisco-asa/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/cisco-asa-series-part-one-intro-to-the-cisco-asa/ Wed, 20 Sep 2017 02:00:00 GMT <![CDATA[EternalGlue part one: Rebuilding NotPetya to assess real-world resilience]]> Tl;dr - we were engaged by a client back in June 2017 to rebuild NotPetya from scratch. However, instead of the data destruction..]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/eternalglue-part-one-rebuilding-notpetya-to-assess-real-world-resilience/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/eternalglue-part-one-rebuilding-notpetya-to-assess-real-world-resilience/ Tue, 19 Sep 2017 02:00:00 GMT <![CDATA[Decoder Improved Burp Suite Plugin Release, Part 1]]> Burp Suite’s built-in decoder component, while useful, is missing important features and cannot be extended. To remedy this...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/decoder-improved-burp-suite-plugin-release-part-1/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/decoder-improved-burp-suite-plugin-release-part-1/ Wed, 13 Sep 2017 00:00:00 GMT <![CDATA[Employee spotlight: Tony, Principal Security Consultant, NCC Group North America]]> Tony Cargile, Principal Security Consultant in our Austin office, talks about his time at NCC Group, career progression and more. ]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/employee-spotlight-tony-principal-security-consultant-ncc-group-north-america/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/employee-spotlight-tony-principal-security-consultant-ncc-group-north-america/ Thu, 07 Sep 2017 03:00:00 GMT <![CDATA[Common CSRF Prevention Misconceptions]]> At NCC Group we’ve noticed, among applicants and the general public, some common misconceptions regarding CSRF]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/common-csrf-prevention-misconceptions/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/september/common-csrf-prevention-misconceptions/ Tue, 05 Sep 2017 00:00:00 GMT <![CDATA[Educational Tools for Binary Ninja]]> A series of plugins designed to improve Binary Ninja’s potential as a tool for beginners.]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/educational-tools-for-binary-ninja/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/educational-tools-for-binary-ninja/ Wed, 30 Aug 2017 00:00:00 GMT <![CDATA[DeLux Edition: Getting root privileges on the eLux Thin Client OS]]> While on an engagement I came across a thin client running the eLux Linux distribution...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/delux-edition-getting-root-privileges-on-the-elux-thin-client-os/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/delux-edition-getting-root-privileges-on-the-elux-thin-client-os/ Thu, 24 Aug 2017 02:00:00 GMT <![CDATA[Introducing G-Scout]]> G‐Scout is a tool to help assess the security of Google Cloud Platform (GCP) environment configurations.]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/introducing-g-scout/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/introducing-g-scout/ Tue, 15 Aug 2017 00:00:00 GMT <![CDATA[Incremental threat modelling: A follow-up]]> ]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/incremental-threat-modelling-a-follow-up/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/incremental-threat-modelling-a-follow-up/ Mon, 14 Aug 2017 02:00:00 GMT <![CDATA[When a web application SSRF causes the cloud to rain credentials & more]]> This blog post reviews an interesting Server-Side Request Forgery (SSRF) technique against applications that are in cloud...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/when-a-web-application-ssrf-causes-the-cloud-to-rain-credentials-and-more/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/when-a-web-application-ssrf-causes-the-cloud-to-rain-credentials-and-more/ Fri, 11 Aug 2017 00:00:00 GMT <![CDATA[Smuggling HTA files in Internet Explorer/Edge]]> In this blog post, we will demonstrate how attackers can serve malicious HTML Application (HTA) [1] files in a way that may...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/smuggling-hta-files-in-internet-exploreredge/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/smuggling-hta-files-in-internet-exploreredge/ Tue, 08 Aug 2017 02:00:00 GMT <![CDATA[Developing Trust and Gitting Betrayed]]> At NCC Group, one of our core offerings for clients is performing external network penetration tests. In these tests, we...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/developing-trust-and-gitting-betrayed/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/developing-trust-and-gitting-betrayed/ Mon, 07 Aug 2017 00:00:00 GMT <![CDATA[FedEx & TNT Express: A lesson in M&A cyber security due diligence & collateral economic disruption]]> In August 2015, FedEx started an acquisition process of TNT Express which it concluded nine months later in May 2016...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/fedex-and-tnt-express-a-lesson-in-manda-cyber-security-due-diligence-and-collateral-economic-disruption/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/august/fedex-and-tnt-express-a-lesson-in-manda-cyber-security-due-diligence-and-collateral-economic-disruption/ Thu, 03 Aug 2017 02:00:00 GMT <![CDATA[Penetration testing: Thinking in scenarios]]> We explore what penetration testing’s various definitions are today and how scenario-based penetration testing allows...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/july/penetration-testing-thinking-in-scenarios/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/july/penetration-testing-thinking-in-scenarios/ Fri, 28 Jul 2017 02:00:00 GMT <![CDATA[Sobelow: Static analysis for the Phoenix Framework]]> The Phoenix Framework is a relatively new web framework, powered by the Elixir programming language. Elixir runs on the...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/july/sobelow-static-analysis-for-the-phoenix-framework/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/july/sobelow-static-analysis-for-the-phoenix-framework/ Thu, 27 Jul 2017 00:00:00 GMT <![CDATA[Call Map: A Tool for Navigating Call Graphs in Python]]> Call Map is a tool for navigating call graphs in Python, with plans to support other languages. ]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/july/call-map-a-tool-for-navigating-call-graphs-in-python/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/july/call-map-a-tool-for-navigating-call-graphs-in-python/ Tue, 18 Jul 2017 00:00:00 GMT <![CDATA[When batteries go bang as electric cars charge: Insights from a cyber security perspective]]> Insights from a cyber security perspective as to why lithium-ion batteries catch fire. ]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/july/when-batteries-go-bang-as-electric-cars-charge-insights-from-a-cyber-security-perspective/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/july/when-batteries-go-bang-as-electric-cars-charge-insights-from-a-cyber-security-perspective/ Thu, 13 Jul 2017 00:00:00 GMT <![CDATA[Live incident blog: June Global Ransomware outbreak]]> Today we saw another outbreak of ransomware. This blog is live and will be updated as we know more.]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/june/live-incident-blog-june-global-ransomware-outbreak/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/june/live-incident-blog-june-global-ransomware-outbreak/ Tue, 27 Jun 2017 02:00:00 GMT <![CDATA[AssetHook: A Redirector for Android Asset Files Using Old Dogs and Modern Tricks]]> AssetHook is a tool that enables Android security researchers & pentesters to modify the asset portions of Android applications...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/may/assethook-a-redirector-for-android-asset-files-using-old-dogs-and-modern-tricks/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/may/assethook-a-redirector-for-android-asset-files-using-old-dogs-and-modern-tricks/ Fri, 26 May 2017 00:00:00 GMT <![CDATA[WSSiP: A WebSocket Manipulation Proxy]]> WSSiP is a tool for viewing, interacting with, and manipulating WebSocket messages between a browser and web server.]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/may/wssip-a-websocket-manipulation-proxy/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/may/wssip-a-websocket-manipulation-proxy/ Tue, 16 May 2017 00:00:00 GMT <![CDATA[The Countdown to GDPR]]> The long-anticipated EU General Data Protection Regulation (GDPR) takes effect on May 25, 2018 replacing the 1995 EU Data...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/april/the-countdown-to-gdpr/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/april/the-countdown-to-gdpr/ Fri, 28 Apr 2017 00:00:00 GMT <![CDATA[Technical Advisory: Command Injection and CSRF in Quantenna Chip Affecting Multiple Networking Devices]]> Technical Advisory: Command Injection and CSRF in Quantenna Chip Affecting Multiple Networking Devices]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/april/technical-advisory-quentanna/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/april/technical-advisory-quentanna/ Wed, 26 Apr 2017 00:00:00 GMT <![CDATA[Trust and Threat: Using Trust Relationships and Threat Models as Security Design Drivers]]> In every enterprise network, no matter how large or small, organizations have third parties included in their trust model...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/april/trust-and-threat-using-trust-relationships-and-threat-model-as-security-design-drivers/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/april/trust-and-threat-using-trust-relationships-and-threat-model-as-security-design-drivers/ Fri, 21 Apr 2017 00:00:00 GMT <![CDATA[Microsoft zero-day vulnerability – OLE2Link – threat intelligence and signatures]]> NCC Group is currently aware of a zero-day vulnerability targeting Microsoft Office users which is being exploited in the wild...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/april/microsoft-zero-day-vulnerability-ole2link-threat-intelligence-and-signatures/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/april/microsoft-zero-day-vulnerability-ole2link-threat-intelligence-and-signatures/ Tue, 11 Apr 2017 00:00:00 GMT <![CDATA[Network Attached Security: Attacking a Synology NAS]]> When we were interns at NCC Group, Prahlad Suresh and I conducted research on the security of a Synology DS215j NAS...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/april/network-attached-security-attacking-a-synology-nas/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/april/network-attached-security-attacking-a-synology-nas/ Thu, 06 Apr 2017 00:00:00 GMT <![CDATA[Cyber security in the transport industry – whose responsibility is it?]]> I recently attended a cyber security event that focused on the rail industry and an interesting topic came up that I felt...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/cyber-security-in-the-transport-industry-whose-responsibility-is-it/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/cyber-security-in-the-transport-industry-whose-responsibility-is-it/ Fri, 31 Mar 2017 02:00:00 GMT <![CDATA[NCC Group at HACKtheMACHINE]]> NCC Group participated in the U.S. Navy’s HACKtheMACHINE’s first-ever connected ship capture the flag event.]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/ncc-group-at-hackthemachine/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/ncc-group-at-hackthemachine/ Thu, 23 Mar 2017 00:00:00 GMT <![CDATA[Autochrome]]> A new tool that makes it easy to install a test browser with all the appropriate settings needed for web application testing.]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/autochrome/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/autochrome/ Mon, 20 Mar 2017 00:00:00 GMT <![CDATA[Technical Advisory: Nexpose Hard‐coded Java Key Store Passphrase Allows Decryption of Stored Credentials]]> The Nexpose vulnerability scanner by Rapid7 is widely used to identify network and application vulnerabilities in support of...]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/technical-advisory-nexpose-hardcoded-java-key-store-passphrase-allows-decryption-of-stored-credentials/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/march/technical-advisory-nexpose-hardcoded-java-key-store-passphrase-allows-decryption-of-stored-credentials/ Wed, 01 Mar 2017 00:00:00 GMT <![CDATA[NCC CON US 2017]]> In January, our North America consultants swapped their offices for the Vegas strip and for NCC Group’s annual internal conference]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/ncc-con-us-2017/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/ncc-con-us-2017/ Fri, 24 Feb 2017 02:00:00 GMT <![CDATA[SCOMplicated? - Decrypting SCOM “RunAs” credentials]]> This post will detail how it is possible to compromise a System Center Operations Manager server]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/scomplicated-decrypting-scom-runas-credentials/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/scomplicated-decrypting-scom-runas-credentials/ Thu, 23 Feb 2017 00:00:00 GMT <![CDATA[Understanding Uninitialized Reads]]> Principal Security Consultant Robert Seacord furthers the secure coding discussion with his acmqueue uninitialized reads article]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/understanding-uninitialized-reads/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/understanding-uninitialized-reads/ Wed, 22 Feb 2017 00:00:00 GMT <![CDATA[Technical Advisory: Shell Injection in SourceTree]]> Technical Advisory: Shell Injection in SourceTree]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/technical-advisoryshell-injection-in-sourcetree/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/technical-advisoryshell-injection-in-sourcetree/ Mon, 20 Feb 2017 00:00:00 GMT <![CDATA[Technical Advisory: Shell Injection in MacVim mvim URI handler]]> Technical Advisory: Shell Injection in MacVim mvim URI handler]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/technical-advisory-shell-injection-in-macvim-mvim-uri-handler/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/technical-advisory-shell-injection-in-macvim-mvim-uri-handler/ Mon, 20 Feb 2017 00:00:00 GMT <![CDATA[ISM RAT]]> In this blog post we will take a brief look at the remote access Trojan used by a group called Greenbug. ]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/ism-rat/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/ism-rat/ Fri, 17 Feb 2017 02:00:00 GMT <![CDATA[Technical Advisory: Multiple Vulnerabilities in Accellion File Transfer Appliance]]> Technical Advisory: Multiple Vulnerabilities in Accellion File Transfer Appliance]]> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/Multiple_Vulnerabilities_in_Accellion_File_Transfer_Appliance/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2017/february/Multiple_Vulnerabilities_in_Accellion_File_Transfer_Appliance/ Fri, 17 Feb 2017 00:00:00 GMT