NCC Group Research Blog

The disadvantages of a blacklist-based approach to input validation

NCC Group Research Blog

1 year ago

The economics of defensive security

NCC Group Research Blog

1 year ago

The death of USB autorun and the rise of the USB keyboard

NCC Group Research Blog

1 year ago

The Demise of Signature Based Antivirus

NCC Group Research Blog

1 year ago

The Database Hacker’s Handbook

NCC Group Research Blog

1 year ago

The Challenges of Fuzzing 5G Protocols

NCC Group Research Blog

1 year ago

The CIS Security Standard for Docker available now

NCC Group Research Blog

1 year ago

The Case of Missing File Extensions

NCC Group Research Blog

1 year ago

The CERT® C Coding Standard, Second Edition: 98 Rules for Developing Safe, Reliable, and Secure Systems

NCC Group Research Blog

1 year ago

The Automotive Threat Modeling Template

NCC Group Research Blog

1 year ago

The Browser Hacker’s Handbook

NCC Group Research Blog

1 year ago

The 9 Lives of Bleichenbacher’s CAT: New Cache ATtacks on TLS Implementations

NCC Group Research Blog

1 year ago

The ABCs of NFC chip security

NCC Group Research Blog

1 year ago

Testing Infrastructure-as-Code Using Dynamic Tooling

NCC Group Research Blog

1 year ago

Testing Two-Factor Authentication

NCC Group Research Blog

1 year ago

Testing HTTP/2 only web services

NCC Group Research Blog

1 year ago

Technical Advisory: Unauthenticated Remote Command Execution through Multiple Vulnerabilities in Virgin Media Hub 3.0

NCC Group Research Blog

1 year ago

Technical Advisory: Unauthenticated SQL Injection in Lansweeper

NCC Group Research Blog

1 year ago

Technical Advisory: Sonos Era 100 Secure Boot Bypass Through Unchecked setenv() call

NCC Group Research Blog

1 year ago

Technical Advisory: SQL Injection and Reflected Cross-Site Scripting (XSS) Vulnerabilities in Oracle Communications Diameter Signaling Router (CVE-2020-14787, CVE-2020-14788)

NCC Group Research Blog

1 year ago

NCC Group Research Blog feed