Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.

You can pretend to be Slackbot, and that’s not great..

Anatomy of a Linux Ransomware Attack - While 85% of ransomware attacks target Windows systems, Linux is becoming an increasingly popular ta

Anatomy of a Linux Ransomware Attack - While 85% of ransomware attacks target Windows systems, Linux is becoming an increasingly popular ta

Posted in r/netsec by u/c0nsumer • 2 points and 0 comments

We guard your domain, so you have pace of mind. Domain Monitoring and Proactive Phishing Protection.

Open Source Vulnerability Disclosure Program. Contribute to parikhakshat/openvdp development by creating an account on GitHub.

Even in 2021, Aon’s Security Testing practice occasionally receives requests from our clients for penetration testing of systems accessible over dialup modem.  These legacy systems have sometimes been running for decades, and often have never undergone any…

This is the story behind the latest FreeSWITCH advisories and one sleepless night we ended up with 4 vulnerabilities that needed reporting. Then, one more vulnerability found due to a bug in our own software. We tell how these flaws were discovered, reported…

EMBArk - The firmware security scanning environment - GitHub - e-m-b-a/embark: EMBArk - The firmware security scanning environment

Many companies are using cloud services such as Microsoft 365 for email, file sharing and communicating. If an attacker gains access to valid credentials that allows them to authenticate to the acc…

Intro This report will go through an intrusion from July that began with an email, which included a link to Google’s Feed Proxy service that was used to download a malicious Word document. Up…

In this guide you will learn how to install and protect WordPress with the Open Source Web Application Firewall (WAF) ModSecurity. We will also install the latest protection rules from the OWASP Core Rule Set (CRS). A WAF is a great addition to the Cyber…

We are a team of exceptional security consultants, with the knowledge and insight to identify vulnerabilities and help you secure your systems

A cyberattack appears to be behind a provincewide disruption of health-care services in Newfoundland and Labrador that has affected thousands of appointments and procedures, including those involving COVID-19 testing.

Posted by Eduardo Vela, Google Bug Hunters Team  Starting today and for the next 3 months (until January 31 2022), we will pay 31,337 USD to...

Independently secure, together not so much. A story of 2 WP plugins.

Domain Takeover occurs when the organization did not renew its domain but still use it in their code and infrastructure. When the attacker registers the abandoned domain, they own the domain, including its subdomains and other types of DNS records.

The second episode of the Honeypot Journals. This time in our honeynet: attacks in the “cloud” vs attacks on residential endpoints.