Overview During the week of July 19th, 2021, information security researchers published a proof of concept tool named “PetitPotam” that exploits a flaw in Microsoft Windows Active Directory Certificate Servers with an NTLM relay attack.  The flaw allows an attacker to gain administrative privileges of an Active Directory Certificate Server once on the network with … Continue reading Detecting and Hunting for the PetitPotam NTLM Relay Attack →

RT @scotlandis: “Empowering Women to Lead #CyberSecurity” launches this week, meeting for the first time in Edinburgh. Guest speaker Yvonn…

We welcome consultation on US interagency guidance for third-party risk management. Find out more about what we’d like to see included over on our newsroom https://t.co/GsTmI2ZE2T #RiskManagement #SoftwareResilience

If you missed our CEO, Adam Palser, on Sky News this morning following the release of our annual results, you can catch his segment here https://t.co/30DENme6At https://t.co/BHWSe0b0p3

Summary PDFTron’s WebViewer UI 8.0 or below renders dangerous URLs as hyperlinks in supported documents, including JavaScript URLs, allowing the execution of arbitrary JavaScript code. Impact An attacker could steal a victim’s session tokens, log their keystrokes, steal private data, or perform privileged actions in the context of a victim’s session. Details JavaScript URLs are … Continue reading Technical Advisory: PDFTron JavaScript URLs Allowed in WebViewer UI (CVE-2021-39307) →

Want to know more about our #research, which includes recent features on #cryptography, vaccine passports, and a critical review of the NSA and CISA's #Kubernetes security guidance? Find all the highlights on @NCCGroupInfosec, or see more at https://t.co/XNGJXGtUnH https://t.co/76FYdCDd0R

This is the second blog post in a new code-centric series about selected optimizations found in pairing-based cryptography. Pairing operations are foundational to the BLS Signatures central to Ethereum 2.0, the zero-knowledge arguments underpinning Filecoin, and a wide variety of other emerging applications. While my prior blog series, “Pairing over BLS12-381,” implemented the entire pairing … Continue reading Optimizing Pairing-Based Cryptography: Montgomery Multiplication in Assembly →

tl;dr NCC Group’s Research & Development team designed and built CertPortal which allows users to create and manage S/MIME certificates automating the registration and renewal to allow enterprise scale deployment. The core of the system integrates DigiCert to create an S/MIME certificate and then storing both the certificate, the password, creation and expiry dates in … Continue reading CertPortal: Building Self-Service Secure S/MIME Provisioning Portal →

Last month, the United States’ National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Technical Report (CTR) detailing the security hardening they recommend be applied to Kubernetes clusters, which is available here. The guidance the document contains is generally reasonable, but there are several points which are either incorrect or … Continue reading NSA & CISA Kubernetes Security Guidance – A Critical Review →

Summary The New York State (NYS) Excelsior scanner app is used by businesses or event venues to scan the QR codes contained in the NYS Excelsior wallet app to verify that an individual has either a negative COVID-19 test or their vaccination status. We have found that some data about the businesses/event venues using the app … Continue reading Technical Advisory – New York State Excelsior Pass Vaccine Passport Scanner App Sends Data to a Third Party not Specified in Privacy Policy →