Last weekend (July 30th) a truly incredible piece of mathematical/cryptanalysis research was put onto eprint. Wouter Castryck and Thomas Decru of KU Leuven published a paper, "An efficient key recovery attack on SIDH (preliminary version)" describing a new attack on the Supersing … | Continue reading
This paper collects a set of notes and research projects conducted by NCC Group on the topic of the security of Machine Learning (ML) systems. The objective is to provide some industry perspective to the academic community, while collating helpful references for security practiti … | Continue reading
U-boot is a popular boot loader for embedded systems with implementations for a large number of architectures and prominent in most Linux based embedded systems such as ChromeOS and Android Devices. Two vulnerabilities were uncovered in the IP Defragmentation algorithm implemente … | Continue reading
NCC Group has developed a tool for conducting a new type of BLE relay attack operating at the link layer, for which added latency is within the range of normal GATT response timing variation, and which is capable of relaying encrypted link layer communications. This approach can … | Continue reading
Mainstream appreciation for cyberattacks targeting continuous integration and continuous delivery/continuous deployment (CI/CD) pipelines has been gaining momentum. Attackers and defenders increasingly understand that build pipelines are highly-privileged targets with a substanti … | Continue reading
Hello and welcome to NCC Group's Cryptopals guided tour! This post is the first in a series of eight installments covering the solutions to the Cryptopals Crypto Challenges. These have been a long time coming, and we're excited to finally start bringing them to you. For those who … | Continue reading
Elliptic Curve Cryptography (ECC) has become the de facto standard for protecting modern communications. ECC is widely used to perform asymmetric cryptography operations, such as to establish shared secrets or for digital signatures. However, insufficient validation of public key … | Continue reading
During the summer of 2021, WhatsApp engaged NCC Group's Cryptography Services team to conduct an independent security assessment of its End-to-End Encrypted Backups project. End-to-End Encrypted Backups is an hardware security module (HSM) based key vault solution that aims to pr … | Continue reading
XAR is a file archive format used in macOS, and is part of various file formats, including .xar, .pkg, .safariextz, and .xip files. XAR archives are extracted using the xar command-line utility. XAR was initially developed under open source, however, the original project appears … | Continue reading
This blog post proposes an approach to crack Pseudo-Random Number Generators (PRNGs) using machine learning. By cracking here, we mean that we can predict the sequence of the random numbers using previously generated numbers without the knowledge of the seed. We started by breaki … | Continue reading
Vendor: Ivanti Pulse Secure Vendor URL: Versions affected: Pulse Connect Secure (PCS) 9.11R11.5 or below Systems Affected: Pulse Connect Secure (PCS) Appliances Author: Richard Warren
Background For some time there has been a growing movement amongst consumers who wish to repair their own devices in a cost effective manner, motivated to reduce their expenses, and reduce e-waste.… | Continue reading
This is the first blog post in a new code-centric series about selected optimizations found in pairing-based cryptography. Pairing operations are foundational to the BLS Signatures [1] central to Ethereum 2.0, zero-knowledge arguments central to Zcash and Filecoin [2], and a wide … | Continue reading
ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent, Again. This post is a technical discussion of the underlying vulnerability of CVE-2020-15257. | Continue reading
NCC Group Technical Advisory – Multiple Vulnerabilities in Netgear ProSAFE Plus JGS516PE / GS116Ev2 Switches | Continue reading
Software Verification and Analysis Using Z3 - NCC Group Cryptography Services | Continue reading
Author: Jelle Vergeer Introduction A while ago we had a forensics case in which a Linux server was compromised and a modified OpenSSH binary was loaded into the memory of a webserver. The modified … | Continue reading
Past, Present and Future of Effective C by Robert Seacord, NCC Group | Continue reading
Technical Advisory – Jitsi Meet Electron – Arbitrary Client Remote Code Execution (CVE-2020-27162) | Continue reading
There's A Hole In Your SoC: Glitching The MediaTek BootROM. NCC Group | Continue reading
We’re proud to announce the release of a new version of our open-source, multi-cloud auditing tool ScoutSuite (on Github)! Notable improvements and features include: CoreBreaking change: suppo… | Continue reading
Introduction In recent years, the gaming industry has grown significantly, especially casino games and sports betting. Online casinos consolidate their position as one of the main sources of entert… | Continue reading
Author: Jelle Vergeer The first part of this blog will be the story of how this tool found it’s way into existence, the problems we faced and the thought process followed. The second part wil… | Continue reading
NCC Group Tool Release: Sinking U-Boots with Depthcharge | Continue reading
On November 25th, AWS released the Ramp-Up Learning Guide for AWS Cloud Security, Governance, and Compliance. The Security Ramp-Up is a curated list of educational AWS resources. The goal is “… | Continue reading
CVE-2020-5902 was disclosed on July 1st, 2020 by F5 Networks in K52145254 as a CVSS 10.0 remote code execution vulnerability in the Big-IP administrative interface. This blog looks at the root caus… | Continue reading
An offensive guide to the OAuth 2.0 Authorization Code grant - NCC Group | Continue reading
How to Design Safe Authorization APIs | Continue reading
One of the current research priorities for NCC Group is smart cities. We perceive that in the future substantial investment will be made into deploying intelligent sensor systems into our cities: i… | Continue reading
In December 2019, MobileCoin engaged NCC Group to conduct a review of the AES/GCM and ChaCha20+Poly1305 implementations provided by the RustCrypto/AEADs crates. The intended usage context of these … | Continue reading
Istio is a service mesh, which, in general, exist as a compliment to container orchestrators (e.g. Kubernetes) in order to provide additional, service-centric features surrounding traffic managemen… | Continue reading
On Saturday, February 1st, I gave my talk titled “Command and KubeCTL: Real-World Kubernetes Security for Pentesters” at Shmoocon 2020. I’m following up with this post that goes into more details t… | Continue reading
Containerization solutions are becoming increasingly common throughout the industry due to their vast applications in logically separating and packaging processes to run consistently across environ… | Continue reading
I have been asked about the usefulness of security monitoring of entropy levels in the Linux kernel. This calls for some explanation of how random generation works in Linux systems. So, randomness … | Continue reading