Skip to content

Latest news

Upcoming events

Social media

RT @buffaloverflow: Just published advisories for Pulse Connect Secure CVE-2020-8260 and CVE-2020-8255. Auth file read and auth RCE. Docum…

Multiple Technical Advisories for Pulse Connect Secure - Arbitrary File Read via Logon Message (CVE-2020-8255) and… https://t.co/mosJ1tvxdY

Summary Pulse Connect Secure suffers from an arbitrary file read vulnerability in the pre/post logon message component. An authenticated administrative user could exploit this issue to read arbitrary files from the underlying Operating System. Impact Successful exploitation of this issue could facilitate the attacker in extracting source code, credentials, or other cryptographic material such as … Continue reading Technical Advisory: Pulse Connect Secure – Arbitrary File Read via Logon Message (CVE-2020-8255) →

Summary The Pulse Connect Secure appliance suffers from an uncontrolled gzip extraction vulnerability which allows an attacker to overwrite arbitrary files, resulting in Remote Code Execution as root. Impact Successful exploitation by an authenticated administrator results in Remote Code Execution on the underlying Operating System with root privileges. An attacker with such access will be … Continue reading Technical Advisory: Pulse Connect Secure – RCE via Uncontrolled Gzip Extraction (CVE-2020-8260) →

RT @NCCGroupInfosec: Technical Advisory - Linksys WRT160NL – Authenticated Remote Buffer Overflow (CVE-2020-26561) https://t.co/36CzgecVW5…

We asked you about who is responsible for keeping your personal data secure – and the results revealed a mixed pict… https://t.co/87iPPABtBg

Current Vendor: Jitsi Vendor URL: https://jitsi.org Versions affected: 1.x.x Systems Affected: Jitsi Meet Electron Authors: Robert Wessen robert[dot]wessen[at]nccgroup[dot]com CVE Identifier: CVE-2020-27162 Risk: 8.3 (High) – AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Summary Jitsi is an open source online communication suite. It includes a variety of audio, video, text and screen sharing capabilities. Both server, client, and libraries for third party … Continue reading Technical Advisory – Jitsi Meet Electron – Arbitrary Client Remote Code Execution (CVE-2020-27162) →

The video gaming industry is continuing to grow – but what does this mean for anti-cheat technology? In our latest… https://t.co/LPd3YtFncV

Read what our colleague Crystal Robinson, from our Manchester, UK office has to say on what it means to be Black as… https://t.co/4nFHDG3k4X

Press contacts

NCC Group Press Office

NCC Group Press Office

Press contact All media enquires relating to NCC Group plc +44 7824 412 405
NCC Group - Financial Media Enquiries

NCC Group - Financial Media Enquiries

Press contact Maitland AMO Financial Results Media Enquiries +44 (0)20 7379 5151
Regional Press Office - North America

Regional Press Office - North America

Press contact +1 408 776 1400

NCC Group exists to make the world safer and more secure

In today’s threat landscape understanding the risks your organization and customers are exposed to is more important than ever.

Understanding the impact and what you can do to make your organization more resilient is key to protecting brand, reputation and sensitive customer information. Building a cyber-resilient organization can be a complex process but it’s not impossible.

With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate and respond to the risks they face.

NCC Group Newsroom
XYZ Building, 2 Hardman Boulevard, Spinningfield
M3 3AQ Manchester
United Kingdom