Back
NCC Group Publication Archive
Uncategorized

April 16, 2015

1 min read

Premium Content Gateway

Oops you’ve come to this page in error

You are not authorised to access the document you have requested

Published by NCC Group Publication Archive

Here are some related articles you may find interesting

Technical Advisory: Adobe ColdFusion WDDX Deserialization Gadgets

Multiple vulnerabilities identified in Adobe ColdFusion allow an unauthenticated attacker to obtain the service account NTLM password hash, verify the existence of a file or directory on the underlying operating system, and configure central config server settings.

Technical advisories
Vulnerability Research

November 21, 2023

15 mins read

Is this the real life? Is this just fantasy? Caught in a landslide, NoEscape from NCC Group

Author: Alex Jessop (@ThisIsFineChief) Summary Tl;dr This post will delve into a recent incident response engagement handled by NCC Group’s Cyber Incident Response Team (CIRT) involving the Ransomware-as-a-Service known as NoEscape. Below provides a summary of findings which are presented in this blog post:  NoEscape NoEscape is a new financially…

Detection and Threat Hunting
Digital Forensics and Incident Response (DFIR)
Threat Intelligence

November 20, 2023

7 mins read

The Spelling Police: Searching for Malicious HTTP Servers by Identifying Typos in HTTP Responses

At Fox-IT (part of NCC Group) identifying servers that host nefarious activities is a critical aspect of our threat intelligence. One approach involves looking for anomalies in responses of HTTP servers. Sometimes cybercriminals that host malicious servers employ tactics that involve mimicking the responses of legitimate software to evade detection.…

Cyber Security
Detection and Threat Hunting
Fox-IT
Fox-IT and European Research
Research

November 15, 2023

7 mins read

Previous post Next post

View articles by category

Most popular posts

Most recent posts

Call us before you need us.

Our experts will help you.

Get in touch
%d bloggers like this: