UK SC RSS Feed https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/ en-GB Tue, 17 Apr 2018 00:00:00 GMT (c) Copyright 2018 NCC Group https://www.nccgroup.trust/globalassets/placeholder-square.gif UK SC RSS Feed https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/ 20 20 <![CDATA[Decoding network data from a Gh0st RAT variant]]> We were able to retrieve some files which appeared to be linked with a well-known group named Iron Tiger. ]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/decoding-network-data-from-a-gh0st-rat-variant/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/decoding-network-data-from-a-gh0st-rat-variant/ Tue, 17 Apr 2018 00:00:00 GMT <![CDATA[Reflections on CyberUK]]> It is fair to say that we have truly arrived. ]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/reflections-on-cyberuk/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/reflections-on-cyberuk/ Mon, 16 Apr 2018 00:00:00 GMT <![CDATA[Ethereum top 10 security vulnerabilities for smart contracts]]> This blog details the launch of the Decentralized Application Security Project (DASP).]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/ethereum-top-10-security-vulnerabilities-for-smart-contracts/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/ethereum-top-10-security-vulnerabilities-for-smart-contracts/ Fri, 13 Apr 2018 00:00:00 GMT <![CDATA[Security in a vacuum: Hacking the Neato Botvac Connected, part two]]> This is the final section of a two-part series detailing how the author attacked the Internet connected Vacuum. ]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/security-in-a-vacuum-hacking-the-neato-botvac-connected-part-2/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/security-in-a-vacuum-hacking-the-neato-botvac-connected-part-2/ Thu, 05 Apr 2018 00:00:00 GMT <![CDATA[Tackling 5G security with threat modelling]]> With 5G on the horizon we consider the security implications of the next generation of mobile communication.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/tackling-5g-security-with-threat-modelling/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/tackling-5g-security-with-threat-modelling/ Fri, 23 Mar 2018 02:00:00 GMT <![CDATA[Revisiting security debt: Are we ready to have a discussion yet?]]> A discussion on software security debt and its increasing importance for organisations.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/revisiting-security-debt-are-we-ready-to-have-a-discussion-yet/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/revisiting-security-debt-are-we-ready-to-have-a-discussion-yet/ Fri, 16 Mar 2018 03:00:00 GMT <![CDATA[Introducing BLEBoy]]> This blog introduces BLEboy, which allows users to understand and test BLE device communication security. ]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/introducing-bleboy/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/introducing-bleboy/ Mon, 12 Mar 2018 00:00:00 GMT <![CDATA[APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS]]> In May 2017, NCC Group's Incident Response team reacted to an ongoing incident where our client, which provides a range of...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/apt15-is-alive-and-strong-an-analysis-of-royalcli-and-royaldns/ Fri, 09 Mar 2018 22:00:00 GMT <![CDATA[A guide to GDPR for Security]]> The third in our series of GDPR guides targeted at specific functions, this time focusing on security-related activities.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/a-guide-to-gdpr/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/march/a-guide-to-gdpr/ Fri, 09 Mar 2018 16:00:00 GMT <![CDATA[Analysis: Global risks, threat intelligence and UK legislation]]> Year on year, there are multiple reports warning us that the gravity of the cyber threat that modern societies face has...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/february/analysis-global-risks-threat-intelligence-and-uk-legislation/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/february/analysis-global-risks-threat-intelligence-and-uk-legislation/ Wed, 28 Feb 2018 02:00:00 GMT <![CDATA[Exploring the risk landscape for DDI (DNS, DHCP & IPAM)]]> Many organisations don’t realise that DNS, a core element of DDI, is a key threat vector.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/february/exploring-the-risk-landscape-for-ddi/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/february/exploring-the-risk-landscape-for-ddi/ Tue, 27 Feb 2018 00:00:00 GMT <![CDATA[EternalGlue part two: A rebuilt NotPetya gets its first execution outside of the lab]]> In June 2017, we were asked by a client to rebuild NotPetya from scratch. Instead of the data destruction payload, they asked...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/february/eternalglue-part-two-a-rebuilt-notpetya-gets-its-first-execution-outside-of-the-lab/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/february/eternalglue-part-two-a-rebuilt-notpetya-gets-its-first-execution-outside-of-the-lab/ Thu, 15 Feb 2018 02:00:00 GMT <![CDATA[How to avoid the crypto-minefield]]> How one organisation was targeted by criminal crypto-mining; a rising trend in cyber security.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/february/how-to-avoid-the-crypto-minefield/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/february/how-to-avoid-the-crypto-minefield/ Fri, 02 Feb 2018 02:00:00 GMT <![CDATA[NCC Group analysis: UK Cost of Cyber Crime report and public perception]]> As cyber attacks become the new reality, organisations should be proactive in preparing themselves for when cyber events occur. ]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/january/ncc-group-analysis-uk-cost-of-cyber-crime-report-and-public-perception/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/january/ncc-group-analysis-uk-cost-of-cyber-crime-report-and-public-perception/ Fri, 26 Jan 2018 03:00:00 GMT <![CDATA[Security oversight: The big picture view of security 2018]]> A blog discussing the importance of understanding the big picture of security via effective business metrics.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/january/security-oversight-the-big-picture-view-of-security-2018/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/january/security-oversight-the-big-picture-view-of-security-2018/ Fri, 26 Jan 2018 02:00:00 GMT <![CDATA[Spectre and Meltdown: What you need to know]]> In the first days of 2018, a number of vulnerabilities were disclosed that are present in many modern-day CPUs.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/january/spectre-and-meltdown-what-you-need-to-know/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/january/spectre-and-meltdown-what-you-need-to-know/ Fri, 26 Jan 2018 01:00:00 GMT <![CDATA[NCC Group's trends of 2018]]> For better or worse, 2017 was a memorable year across the technology and cyber security landscapes. Data breaches were massive...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/january/ncc-groups-trends-of-2018/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/january/ncc-groups-trends-of-2018/ Fri, 19 Jan 2018 02:00:00 GMT <![CDATA[Mandatory data breach notification: Are you ready?]]> This blog discusses the Australian mandatory data breach notification scheme, and how to know if your organisation is prepared.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/january/mandatory-data-breach-notification-are-you-ready/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/january/mandatory-data-breach-notification-are-you-ready/ Fri, 19 Jan 2018 01:00:00 GMT <![CDATA[From Splunk 5.x to 7.0: Just what have you been missing out on?]]> In this blog we discuss the top 10 changes between Splunk versions 5.x and 7.0 that has had the biggest impacts on users.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/january/from-splunk-5.x-to-7.0-just-what-have-you-been-missing-out-on/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/january/from-splunk-5.x-to-7.0-just-what-have-you-been-missing-out-on/ Fri, 12 Jan 2018 02:00:00 GMT <![CDATA[What can ‘ghost ships’ tell us about the North Korean cyber threat?]]> In this blog we discuss the link between an increase in ships washing ashore in Japan and the cyber threat from North Korea.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/december/what-can-ghost-ships-tell-us-about-the-north-korean-cyber-threat/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/december/what-can-ghost-ships-tell-us-about-the-north-korean-cyber-threat/ Thu, 21 Dec 2017 02:00:00 GMT <![CDATA[HIDDEN COBRA Volgmer: A technical analysis]]> In November, US-CERT published two alerts about malicious activity by the North Korean government, referred to as HIDDEN COBRA...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/december/hidden-cobra-volgmer-a-technical-analysis/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/december/hidden-cobra-volgmer-a-technical-analysis/ Wed, 13 Dec 2017 02:00:00 GMT <![CDATA[BlackHat Europe 2017: NCC Group pre-event challenge part two]]> Following on from the cipher challenge released recently in the build up to BlackHat EU (Hint: people seem to have had more...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/blackhat-europe-2017-ncc-group-pre-event-challenge-part-two/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/blackhat-europe-2017-ncc-group-pre-event-challenge-part-two/ Tue, 05 Dec 2017 00:00:00 GMT <![CDATA[Black Hat Europe 2017: NCC Group’s pre-event challenges part one]]> Black Hat Europe 2017 is less than one week away, so we thought it would be fun to release a couple of security challenges to...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/black-hat-europe-2017-ncc-groups-pre-event-challenges-part-one/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/black-hat-europe-2017-ncc-groups-pre-event-challenges-part-one/ Wed, 29 Nov 2017 04:00:00 GMT <![CDATA[Eggplant AI from Testplant: No test automation experience, no problem]]> At the start of November, Testplant launched Eggplant AI, a brand new addition to the digital test specialist’s Eggplant...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/eggplant-ai-from-testplant-no-test-automation-experience-no-problem/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/eggplant-ai-from-testplant-no-test-automation-experience-no-problem/ Wed, 29 Nov 2017 02:00:00 GMT <![CDATA[Kubernetes security: Consider your threat model]]> One of the questions that I've been asked on multiple occasions when presenting on Kubernetes security is...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/kubernetes-security-consider-your-threat-model/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/kubernetes-security-consider-your-threat-model/ Thu, 23 Nov 2017 02:00:00 GMT <![CDATA[Common security issues in Azure & the importance of configuring your cloud environment]]> Azure audits (or Azure configuration reviews) are slowly becoming more common as larger organisations move their infrastructure...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/common-security-issues-in-azure-and-the-importance-of-configuring-your-cloud-environment/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/common-security-issues-in-azure-and-the-importance-of-configuring-your-cloud-environment/ Tue, 21 Nov 2017 02:00:00 GMT <![CDATA[Cisco ASA series part eight: Exploiting the CVE-2016-1287 heap overflow over IKEv1]]> Exodus Intel released how they exploited [1] CVE-2016-1287 for IKEv2 in February 2016, but there wasn't anything public for...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/cisco-asa-series-part-eight-exploiting-the-cve-2016-1287-heap-overflow-over-ikev1/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/cisco-asa-series-part-eight-exploiting-the-cve-2016-1287-heap-overflow-over-ikev1/ Fri, 10 Nov 2017 02:00:00 GMT <![CDATA[WhatsApp scams and the use of internationalised domain names]]> There has recently been widespread reporting of scams that are circulating in the UK on the WhatsApp messaging platform, an...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/whatsapp-scams-and-the-use-of-internationalised-domain-names/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/whatsapp-scams-and-the-use-of-internationalised-domain-names/ Thu, 09 Nov 2017 02:00:00 GMT <![CDATA[Bypassing Android’s Network Security Configuration]]> With the release of Android Nougat (Android 7) came a new security feature called Network Security Configuration.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/bypassing-androids-network-security-configuration/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/november/bypassing-androids-network-security-configuration/ Fri, 03 Nov 2017 02:00:00 GMT <![CDATA[Cisco ASA series part seven: Checkheaps]]> As part of our ongoing series we would like to talk about Cisco's Checkheaps security and stability mechanism.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-series-part-seven-checkheaps/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-series-part-seven-checkheaps/ Thu, 26 Oct 2017 01:00:00 GMT <![CDATA[BadRabbit ransomware hits targets within Eastern Europe]]> In this blog we provide a summary of all the details known about the latest Bad Rabbit ransomware outbreak.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/bad-rabbit-ransomware-hits-targets-within-eastern-europe/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/bad-rabbit-ransomware-hits-targets-within-eastern-europe/ Wed, 25 Oct 2017 02:00:00 GMT <![CDATA[Cisco ASA series part six: Cisco ASA mempools]]> In part five, we document some of the details around Cisco ASA mempools and how the mempool-related functions wrap more...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-series-part-six-cisco-asa-mempools/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-series-part-six-cisco-asa-mempools/ Mon, 23 Oct 2017 02:00:00 GMT <![CDATA[Exploring SIEM solutions and their security benefits]]> A blog explaining what a SIEM is, and how it fits into the security posture of enterprises.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/exploring-siem-solutions-and-their-security-benefits/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/exploring-siem-solutions-and-their-security-benefits/ Tue, 17 Oct 2017 02:00:00 GMT <![CDATA[Employee Spotlight: Anthony, Principal Security Consultant, Australia]]> Anthony Caulfield, Principal Security Consultant for NCC Group in Sydney, features in our latest Employee Spotlight.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/employee-spotlight-anthony-principal-security-consultant-australia/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/employee-spotlight-anthony-principal-security-consultant-australia/ Mon, 16 Oct 2017 04:00:00 GMT <![CDATA[Cisco ASA series part five: libptmalloc gdb plugin]]> We're releasing a gdb plugin for analysing ptmalloc2. This plugin is essentially a fork from an older version of cloudburst's...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-blog-series-part-five-libptmalloc-gdb-plugin/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-blog-series-part-five-libptmalloc-gdb-plugin/ Mon, 16 Oct 2017 02:00:00 GMT <![CDATA[Policy as Code: An opportunity to increase resilience while lowering the cost of compliance]]> Cyber resilience is now a game of scale, complexity, compliance and cost. On one hand, we have organisations and supply chains...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/policy-as-code-an-opportunity-to-increase-resilience-while-lowering-the-cost-of-compliance/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/policy-as-code-an-opportunity-to-increase-resilience-while-lowering-the-cost-of-compliance/ Mon, 16 Oct 2017 01:00:00 GMT <![CDATA[Avoid a data hostage situation with Managed NTM from NCC Group]]> Ransomware is one of the biggest security challenges facing businesses of all sizes. And as organisations seek to streamline...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/avoid-a-data-hostage-situation-with-managed-ntm-from-ncc-group/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/avoid-a-data-hostage-situation-with-managed-ntm-from-ncc-group/ Fri, 13 Oct 2017 02:00:00 GMT <![CDATA[How recent data breaches can help you avoid a catfish attack]]> Suggestions that recent, high profile data breaches were enabled with so-called ‘catfish’ operations should not come as a...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/how-recent-data-breaches-can-help-you-avoid-a-catfish-attack/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/how-recent-data-breaches-can-help-you-avoid-a-catfish-attack/ Thu, 12 Oct 2017 10:00:00 GMT <![CDATA[Can we nudge our way to improved cyber security? Why a simple thank you might help]]> When the new Nobel Economics laureate, Dr Richard Thaler, was asked how he would spend the more than one million dollars in...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/can-we-nudge-our-way-to-improved-cyber-security-why-a-simple-thank-you-might-help/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/can-we-nudge-our-way-to-improved-cyber-security-why-a-simple-thank-you-might-help/ Thu, 12 Oct 2017 02:00:00 GMT <![CDATA[Cisco ASA series part four: dlmalloc-2.8.x, libdlmalloc, & dlmalloc on Cisco ASA]]> This article is meant to provide a summary of some key functionality for dlmalloc-2.8.x and introduce a debugging plugin called...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-series-part-four-dlmalloc-2.8.x-libdlmalloc-and-dlmalloc-on-cisco-asa/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-series-part-four-dlmalloc-2.8.x-libdlmalloc-and-dlmalloc-on-cisco-asa/ Mon, 09 Oct 2017 02:00:00 GMT <![CDATA[SusanRTTI: an IDAPython plugin for viewing run-time type information]]> Run‐type type information, or RTTI, refers to class information present in compiled C++ binaries. Depending on the class...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/python-class-informer-an-idapython-plugin-for-viewing-run-time-type-information-rtti/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/python-class-informer-an-idapython-plugin-for-viewing-run-time-type-information-rtti/ Thu, 05 Oct 2017 00:00:00 GMT <![CDATA[Splunk .conf2017 highlights]]> This blog post provides highlights of Splunk .conf2017. ]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/splunk-.conf2017-highlights/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/splunk-.conf2017-highlights/ Tue, 03 Oct 2017 00:00:00 GMT <![CDATA[Decoder Improved Burp Suite Plugin Release, Part 2]]> In the previous blog post, we walked through the primary benefits of using Decoder Improved over the Burp Suite’s built-in...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/decoder-improved-burp-suite-plugin-release-part-2/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/decoder-improved-burp-suite-plugin-release-part-2/ Tue, 03 Oct 2017 00:00:00 GMT <![CDATA[Cisco ASA series part three: Debugging Cisco ASA firmware]]> Cisco ASA series part three: Debugging Cisco ASA firmware]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-series-part-three-debugging-cisco-asa-firmware/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-series-part-three-debugging-cisco-asa-firmware/ Mon, 02 Oct 2017 01:00:00 GMT <![CDATA[Splunk 5.x: EOL & what does that mean for you?]]> End of life for Splunk 5.x has officially been announced, so we explore the implications for businesses that currently use 5.x.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/splunk-5.x-eol-and-what-does-that-mean-for-you/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/splunk-5.x-eol-and-what-does-that-mean-for-you/ Fri, 29 Sep 2017 03:00:00 GMT <![CDATA[Splunk .conf2017: Splunk 7 released and other news]]> We explore the latest news from Splunk's annual conference, plus details on new version 7.0.0, including how you can upgrade.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/splunk-.conf2017-splunk-7-released-and-other-news/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/splunk-.conf2017-splunk-7-released-and-other-news/ Fri, 29 Sep 2017 02:00:00 GMT <![CDATA[Cisco ASA series part two: Static analysis & datamining of Cisco ASA firmware]]> During our research, we ended up wanting to analyse a large number of Cisco ASA firmware files. Most importantly, we needed to...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/cisco-asa-series-part-two-static-analysis-and-datamining-of-cisco-asa-firmware/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/cisco-asa-series-part-two-static-analysis-and-datamining-of-cisco-asa-firmware/ Mon, 25 Sep 2017 02:00:00 GMT <![CDATA[Cisco ASA series part one: Intro to the Cisco ASA]]> We’ve spent a bunch of time investigating Cisco ASA devices and their firmware while looking into exploiting CVE-2016-1287...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/cisco-asa-series-part-one-intro-to-the-cisco-asa/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/cisco-asa-series-part-one-intro-to-the-cisco-asa/ Wed, 20 Sep 2017 02:00:00 GMT <![CDATA[EternalGlue part one: Rebuilding NotPetya to assess real-world resilience]]> We were engaged by a client back in June 2017 to rebuild NotPetya from scratch. However, instead of the data destruction...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/eternalglue-part-one-rebuilding-notpetya-to-assess-real-world-resilience/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/eternalglue-part-one-rebuilding-notpetya-to-assess-real-world-resilience/ Tue, 19 Sep 2017 02:00:00 GMT <![CDATA[Machiavelli not Monty: Why CISOs may need a degree in politics more than security]]> A recent Twitter exchange between the military historian Jill S. Russell and journalist Tom Ricks on a question of modern...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/machiavelli-not-monty-why-cisos-may-need-a-degree-in-politics-more-than-security/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/machiavelli-not-monty-why-cisos-may-need-a-degree-in-politics-more-than-security/ Mon, 18 Sep 2017 02:00:00 GMT