NCC Group Research Blog
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access
10 months 2 weeks ago
TA505: A Brief History Of Their Time
10 months 2 weeks ago
Sysinternals SDelete: When Secure Delete Fails
10 months 2 weeks ago
SysPWN – VR for Pwn2Own
10 months 2 weeks ago
SysAid Helpdesk blind SQL injection
10 months 2 weeks ago
SysAid Helpdesk Pro – Blind SQL Injection
10 months 2 weeks ago
SysAid Helpdesk stored XSS
10 months 2 weeks ago
Symantec Messaging Gateway SSH with backdoor user account + privilege escalation to root due to very old Kernel
10 months 2 weeks ago
Symantec PC Anywhere Remote Code Extecution
10 months 2 weeks ago
Symantec Messaging Gateway Easy CSRF to add a backdoor-administrator (for example)
10 months 2 weeks ago
Symantec Messaging Gateway Out of band stored XSS delivered by email
10 months 2 weeks ago
Symantec Messaging Gateway – Unauthorised SSH access
10 months 2 weeks ago
Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL (authenticated)
10 months 2 weeks ago
Symantec Messaging Gateway – Out of band stored XSS via email
10 months 2 weeks ago
Symantec Messaging Gateway – Unauthenticated detailed version disclosure
10 months 2 weeks ago
Symantec Messaging Gateway – Addition of a backdoor adminstrator via CSRF
10 months 2 weeks ago
Symantec Messaging Gateway – Authenticated arbritary file download
10 months 2 weeks ago
Symantec Message Filter Session Hijacking via session
10 months 2 weeks ago
Symantec Message Filter Unauthenticated verbose software version information disclosure
10 months 2 weeks ago
Checked
6 hours ago