Back
NCC Group Publication Archive
Cyber Security
Technical advisories

August 5, 2015

1 min read

Adobe flash sandbox bypass to navigate to local drives

Title: Adobe flash sandbox bypass to navigate to local drives
Release: Date 12 August 2014
Reference: NGS00711
Discoverer: Soroush Dalili
Vendor: Adobe
Vendor Reference: PSIRT-2823
Systems Affected: Flash Player 14.0.0.125 (tested with IE 11)
CVE Reference: CVE-2014-0541
Risk: Medium
Status: Fixed

Download our technical advisory

Published by NCC Group Publication Archive

Here are some related articles you may find interesting

Technical Advisory: Adobe ColdFusion WDDX Deserialization Gadgets

Multiple vulnerabilities identified in Adobe ColdFusion allow an unauthenticated attacker to obtain the service account NTLM password hash, verify the existence of a file or directory on the underlying operating system, and configure central config server settings.

Technical advisories
Vulnerability Research

November 21, 2023

15 mins read

Is this the real life? Is this just fantasy? Caught in a landslide, NoEscape from NCC Group

Author: Alex Jessop (@ThisIsFineChief) Summary Tl;dr This post will delve into a recent incident response engagement handled by NCC Group’s Cyber Incident Response Team (CIRT) involving the Ransomware-as-a-Service known as NoEscape. Below provides a summary of findings which are presented in this blog post:  NoEscape NoEscape is a new financially…

Detection and Threat Hunting
Digital Forensics and Incident Response (DFIR)
Threat Intelligence

November 20, 2023

7 mins read

The Spelling Police: Searching for Malicious HTTP Servers by Identifying Typos in HTTP Responses

At Fox-IT (part of NCC Group) identifying servers that host nefarious activities is a critical aspect of our threat intelligence. One approach involves looking for anomalies in responses of HTTP servers. Sometimes cybercriminals that host malicious servers employ tactics that involve mimicking the responses of legitimate software to evade detection.…

Cyber Security
Detection and Threat Hunting
Fox-IT
Fox-IT and European Research
Research

November 15, 2023

7 mins read

Previous post Next post

View articles by category

Most popular posts

Most recent posts

Call us before you need us.

Our experts will help you.

Get in touch
%d bloggers like this: