Elliptic Curve Cryptography (ECC) has become the de facto standard for protecting modern communications. ECC is widely used to perform asymmetric cryptography operations, such as to establish shared secrets or for digital signatures. However, insufficient validation of public keys and parameters is still a frequent cause of confusion, leading to serious vulnerabilities, such as leakage … Continue reading An Illustrated Guide to Elliptic Curve Cryptography Validation
Archive
Exploit the Fuzz – Exploiting Vulnerabilities in 5G Core Networks
Following on from our previous blog post ‘The Challenges of Fuzzing 5G Protocols’, in this post, we demonstrate how an attacker could use the results from the fuzz testing to produce an exploit and potentially gain access to a 5G core network. In this blog post we will be using the PFCP bug (CVE-2021-41794) we'd … Continue reading Exploit the Fuzz – Exploiting Vulnerabilities in 5G Core Networks
POC2021 – Pwning the Windows 10 Kernel with NTFS and WNF Slides
Slides Alex Plaskett presented "Pwning the Windows 10 Kernel with NTFS and WNF" at Power Of Community (POC) on the 11th of November 2021
Technical Advisory – Multiple Vulnerabilities in Victure WR1200 WiFi Router (CVE-2021-43282, CVE-2021-43283, CVE-2021-43284)
Victure's WR1200 WiFi router, also sometimes referred to as AC1200, was found to have multiple vulnerabilities exposing its owners to potential intrusion in their local WiFi network and complete overtake of the device. Three vulnerabilities were uncovered, with links to the associated technical advisories below: Technical Advisory - Default WiFi Network Password Advertised by Victure … Continue reading Technical Advisory – Multiple Vulnerabilities in Victure WR1200 WiFi Router (CVE-2021-43282, CVE-2021-43283, CVE-2021-43284)
“We wait, because we know you.” Inside the ransomware negotiation economics.
Pepijn Hack, Cybersecurity Analyst, Fox-IT, part of NCC Group Zong-Yu Wu, Threat Analyst, Fox-IT, part of NCC Group Abstract Organizations worldwide continue to face waves of digital extortion in the form of targeted ransomware. Digital extortion is now classified as the most prominent form of cybercrime and the most devastating and pervasive threat to functioning … Continue reading “We wait, because we know you.” Inside the ransomware negotiation economics.
Detection Engineering for Kubernetes clusters
Written by Ben Lister and Kane Ryans This blog post details the collaboration between NCC Group's Detection Engineering team and our Containerisation team in tackling detection engineering for Kubernetes. Additionally, it describes the Detection Engineering team's more generic methodology around detection engineering for new/emerging technologies and how it was used when developing detections for Kubernetes-based … Continue reading Detection Engineering for Kubernetes clusters
Vaccine Misinformation Part 1: Misinformation Attacks as a Cyber Kill Chain
The open and wide-reaching nature of social media platforms have led them to become breeding grounds for misinformation, the most recent casualty being COVID-19 vaccine information. Misinformation campaigns launched by various sources for different reasons but working towards a common objective – creating vaccine hesitancy – have been successful in triggering and amplifying the cynical … Continue reading Vaccine Misinformation Part 1: Misinformation Attacks as a Cyber Kill Chain
Technical Advisory – Arbitrary Signature Forgery in Stark Bank ECDSA Libraries (CVE-2021-43572, CVE-2021-43570, CVE-2021-43569, CVE-2021-43568, CVE-2021-43571)
Vendor: Stark Bank's open-source ECDSA cryptography libraries Vendor URL: https://starkbank.com/, https://github.com/starkbank/ Versions affected: - ecdsa-python (https://github.com/starkbank/ecdsa-python) v2.0.0 - ecdsa-java (https://github.com/starkbank/ecdsa-java) v1.0.0 - ecdsa-dotnet (https://github.com/starkbank/ecdsa-dotnet) v1.3.1 - ecdsa-elixir (https://github.com/starkbank/ecdsa-elixir) v1.0.0 - ecdsa-node (https://github.com/starkbank/ecdsa-node) v1.1.2 Author: Paul Bottinelli paul.bottinelli@nccgroup.com Advisory URLs: - ecdsa-python: https://github.com/starkbank/ecdsa-python/releases/tag/v2.0.1 - ecdsa-java: https://github.com/starkbank/ecdsa-java/releases/tag/v1.0.1 - ecdsa-dotnet: https://github.com/starkbank/ecdsa-dotnet/releases/tag/v1.3.2 - ecdsa-elixir: https://github.com/starkbank/ecdsa-elixir/releases/tag/v1.0.1 - ecdsa-node: https://github.com/starkbank/ecdsa-node/releases/tag/v1.1.3 CVE … Continue reading Technical Advisory – Arbitrary Signature Forgery in Stark Bank ECDSA Libraries (CVE-2021-43572, CVE-2021-43570, CVE-2021-43569, CVE-2021-43568, CVE-2021-43571)
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access
NCC Group’s global Cyber Incident Response Team has observed an increase in Clop ransomware victims in the past weeks. The surge can be traced back to a vulnerability in SolarWinds Serv-U that is being abused by the TA505 threat actor. TA505 is a known cybercrime threat actor, who is known for extortion attacks using the … Continue reading TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access
Public Report – Zcash NU5 Cryptography Review
In March 2021, Electric Coin Co. engaged NCC Group to perform a review of the upcoming network protocol upgrade NU5 to the Zcash protocol (codenamed "Orchard"). The review was to be performed over multiple phases: first, the specification document changes and the relevant ZIPs, then, in June 2021, the implementation itself. The Public Report for … Continue reading Public Report – Zcash NU5 Cryptography Review