by Aaron Haymore, Iain Smart, Viktor Gazdag, Divya Natesan, and Jennifer Fernick Mainstream appreciation for cyberattacks targeting continuous integration and continuous delivery/continuous deployment (CI/CD) pipelines has been gaining momentum. Attackers and defenders increasingly understand that build pipelines are highly-privileged targets with a substantial attack surface. But what are the potential weak points in a CI/CD … Continue reading 10 real-world stories of how we’ve compromised CI/CD pipelines
Archive
Impersonating Gamers With GPT-2
In this blog post, I’m going to recount the story of my quest to train OpenAI’s large language model, GPT-2, to create a virtual doppelganger of myself and my peers. Machine learning is one of those buzzwords that, sometimes, lives up to its reputation. As an information security professional, my go-to hobby has typically been … Continue reading Impersonating Gamers With GPT-2
NCC Group’s 2021 Annual Research Report
Following the popularity of our first Annual Research Report in 2020, we present to you now for the second year, a summary of our public-facing security research findings from across the over 237 conference publications, technical blog posts, advisories, and tool releases published by researchers at NCC Group between January 1 2021 and December 31 … Continue reading NCC Group’s 2021 Annual Research Report
Tool Release – insject: A Linux Namespace Injector
tl;dr Grab the release binary from our repo and have fun. Also, happy new year; 2021 couldn’t end soon enough. Background A while back, I was asked by one of my coworkers on the PSC team about ways in which to make their custom credit card data scanner cloud native to assess Kubernetes clusters. While … Continue reading Tool Release – insject: A Linux Namespace Injector
Detecting anomalous Vectored Exception Handlers on Windows
We have documented a method of enumerating which processes are using Vectored Exception Handling on Windows and which if any of the handlers are anomalous
On the malicious use of large language models like GPT-3
(Or, “Can large language models generate exploits?”) While attacking machine learning systems is a hot topic for which attacks have begun to be demonstrated, I believe that there are a number of entirely novel, yet-unexplored attack-types and security risks that are specific to large language models (LMs), that may be intrinsically dependent upon things like … Continue reading On the malicious use of large language models like GPT-3
Exploring the Security & Privacy of Canada’s Digital Proof of Vaccination Programs
by Drew Wade, Emily Liu, and Siddarth Adukia TL; DR We studied a range of Canadian provinces' proof-of-vaccination apps to analyze their associated security and privacy properties. In particular, building on prior work in which some of us created an assessment framework for evaluating the security & privacy of vaccine passports, in this post, we … Continue reading Exploring the Security & Privacy of Canada’s Digital Proof of Vaccination Programs
Tool Update – ruby-trace: A Low-Level Tracer for Ruby
We released ruby-trace back in August to coincide with my DEF CON 29 talk on it and parasitic tracing in general. Back then, it supported (c)Ruby 2.6 through 3.0. A few days ago, Ruby 3.1 was released. We have updated ruby-trace to add support for Ruby 3.1 and reorganized our test suite to validate our … Continue reading Tool Update – ruby-trace: A Low-Level Tracer for Ruby
Tool Release – shouganaiyo-loader: A Tool to Force JVM Attaches
Background Java Virtual Machines (JVMs) provide a number of mechanisms to inspect and modify the Java applications and the runtime they stand on. These include Java agents, JARs that are capable of modifying Java class files at runtime; and JVMTI agents, native libraries that can perform deep hooking into the innards of the JVM itself. … Continue reading Tool Release – shouganaiyo-loader: A Tool to Force JVM Attaches
Technical Advisory – Lenovo ImController Local Privilege Escalation (CVE-2021-3922, CVE-2021-3969)
Vendor: Lenovo Vendor URL: https://www.lenovo.com/ Versions affected: 1.1.20.2 Systems Affected: Windows Author: rick.veldhoven@fox-it.com Advisory URL: https://support.lenovo.com/us/en/product_security/LEN-75210 CVE Identifier: CVE-2021-3922, CVE-2021-3969 Risk: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:R CVSSv3.1: 7.1 Summary The ImController service comes installed on certain Lenovo devices, for example NCC found the service installed on a ThinkPad workstation. The service runs as the SYSTEM user and periodically executes … Continue reading Technical Advisory – Lenovo ImController Local Privilege Escalation (CVE-2021-3922, CVE-2021-3969)