UK SC RSS Feed https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/ en-GB Tue, 17 Oct 2017 02:00:00 GMT (c) Copyright 2017 NCC Group https://www.nccgroup.trust/globalassets/placeholder-square.gif UK SC RSS Feed https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/ 20 20 <![CDATA[Exploring SIEM solutions and their security benefits]]> A blog explaining what a SIEM is, and how it fits into the security posture of enterprises.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/exploring-siem-solutions-and-their-security-benefits/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/exploring-siem-solutions-and-their-security-benefits/ Tue, 17 Oct 2017 02:00:00 GMT <![CDATA[Employee Spotlight: Anthony, Principal Security Consultant, Australia]]> Anthony Caulfield, Principal Security Consultant for NCC Group in Sydney, features in our latest Employee Spotlight.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/employee-spotlight-anthony-principal-security-consultant-australia/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/employee-spotlight-anthony-principal-security-consultant-australia/ Mon, 16 Oct 2017 04:00:00 GMT <![CDATA[Cisco ASA series part five: libptmalloc gdb plugin]]> We're releasing a gdb plugin for analysing ptmalloc2. This plugin is essentially a fork from an older version of cloudburst's...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-blog-series-part-five-libptmalloc-gdb-plugin/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-blog-series-part-five-libptmalloc-gdb-plugin/ Mon, 16 Oct 2017 02:00:00 GMT <![CDATA[Policy as Code: An opportunity to increase resilience while lowering the cost of compliance]]> Cyber resilience is now a game of scale, complexity, compliance and cost. On one hand, we have organisations and supply chains...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/policy-as-code-an-opportunity-to-increase-resilience-while-lowering-the-cost-of-compliance/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/policy-as-code-an-opportunity-to-increase-resilience-while-lowering-the-cost-of-compliance/ Mon, 16 Oct 2017 01:00:00 GMT <![CDATA[Avoid a data hostage situation with Managed NTM from NCC Group]]> Ransomware is one of the biggest security challenges facing businesses of all sizes. And as organisations seek to streamline...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/avoid-a-data-hostage-situation-with-managed-ntm-from-ncc-group/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/avoid-a-data-hostage-situation-with-managed-ntm-from-ncc-group/ Fri, 13 Oct 2017 02:00:00 GMT <![CDATA[How recent data breaches can help you avoid a catfish attack]]> Suggestions that recent, high profile data breaches were enabled with so-called ‘catfish’ operations should not come as a...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/how-recent-data-breaches-can-help-you-avoid-a-catfish-attack/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/how-recent-data-breaches-can-help-you-avoid-a-catfish-attack/ Thu, 12 Oct 2017 10:00:00 GMT <![CDATA[Can we nudge our way to improved cyber security? Why a simple thank you might help]]> When the new Nobel Economics laureate, Dr Richard Thaler, was asked how he would spend the more than one million dollars in...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/can-we-nudge-our-way-to-improved-cyber-security-why-a-simple-thank-you-might-help/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/can-we-nudge-our-way-to-improved-cyber-security-why-a-simple-thank-you-might-help/ Thu, 12 Oct 2017 02:00:00 GMT <![CDATA[Cisco ASA series part four: dlmalloc-2.8.x, libdlmalloc, & dlmalloc on Cisco ASA]]> This article is meant to provide a summary of some key functionality for dlmalloc-2.8.x and introduce a debugging plugin called...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-series-part-four-dlmalloc-2.8.x-libdlmalloc-and-dlmalloc-on-cisco-asa/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-series-part-four-dlmalloc-2.8.x-libdlmalloc-and-dlmalloc-on-cisco-asa/ Mon, 09 Oct 2017 02:00:00 GMT <![CDATA[SusanRTTI: an IDAPython plugin for viewing run-time type information]]> Run‐type type information, or RTTI, refers to class information present in compiled C++ binaries. Depending on the class...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/python-class-informer-an-idapython-plugin-for-viewing-run-time-type-information-rtti/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/python-class-informer-an-idapython-plugin-for-viewing-run-time-type-information-rtti/ Thu, 05 Oct 2017 00:00:00 GMT <![CDATA[Splunk .conf2017 highlights]]> This blog post provides highlights of Splunk .conf2017. ]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/splunk-.conf2017-highlights/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/splunk-.conf2017-highlights/ Tue, 03 Oct 2017 00:00:00 GMT <![CDATA[Decoder Improved Burp Suite Plugin Release, Part 2]]> In the previous blog post, we walked through the primary benefits of using Decoder Improved over the Burp Suite’s built-in...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/decoder-improved-burp-suite-plugin-release-part-2/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/decoder-improved-burp-suite-plugin-release-part-2/ Tue, 03 Oct 2017 00:00:00 GMT <![CDATA[Cisco ASA series part three: Debugging Cisco ASA firmware]]> Cisco ASA series part three: Debugging Cisco ASA firmware]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-series-part-three-debugging-cisco-asa-firmware/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/october/cisco-asa-series-part-three-debugging-cisco-asa-firmware/ Mon, 02 Oct 2017 01:00:00 GMT <![CDATA[Splunk 5.x: EOL & what does that mean for you?]]> End of life for Splunk 5.x has officially been announced, so we explore the implications for businesses that currently use 5.x.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/splunk-5.x-eol-and-what-does-that-mean-for-you/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/splunk-5.x-eol-and-what-does-that-mean-for-you/ Fri, 29 Sep 2017 03:00:00 GMT <![CDATA[Splunk .conf2017: Splunk 7 released and other news]]> We explore the latest news from Splunk's annual conference, plus details on new version 7.0.0, including how you can upgrade.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/splunk-.conf2017-splunk-7-released-and-other-news/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/splunk-.conf2017-splunk-7-released-and-other-news/ Fri, 29 Sep 2017 02:00:00 GMT <![CDATA[Cisco ASA series part two: Static analysis & datamining of Cisco ASA firmware]]> During our research, we ended up wanting to analyse a large number of Cisco ASA firmware files. Most importantly, we needed to...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/cisco-asa-series-part-two-static-analysis-and-datamining-of-cisco-asa-firmware/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/cisco-asa-series-part-two-static-analysis-and-datamining-of-cisco-asa-firmware/ Mon, 25 Sep 2017 02:00:00 GMT <![CDATA[Cisco ASA series part one: Intro to the Cisco ASA]]> We’ve spent a bunch of time investigating Cisco ASA devices and their firmware while looking into exploiting CVE-2016-1287...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/cisco-asa-series-part-one-intro-to-the-cisco-asa/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/cisco-asa-series-part-one-intro-to-the-cisco-asa/ Wed, 20 Sep 2017 02:00:00 GMT <![CDATA[EternalGlue part one: Rebuilding NotPetya to assess real-world resilience]]> We were engaged by a client back in June 2017 to rebuild NotPetya from scratch. However, instead of the data destruction...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/eternalglue-part-one-rebuilding-notpetya-to-assess-real-world-resilience/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/eternalglue-part-one-rebuilding-notpetya-to-assess-real-world-resilience/ Tue, 19 Sep 2017 02:00:00 GMT <![CDATA[Machiavelli not Monty: Why CISOs may need a degree in politics more than security]]> A recent Twitter exchange between the military historian Jill S. Russell and journalist Tom Ricks on a question of modern...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/machiavelli-not-monty-why-cisos-may-need-a-degree-in-politics-more-than-security/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/machiavelli-not-monty-why-cisos-may-need-a-degree-in-politics-more-than-security/ Mon, 18 Sep 2017 02:00:00 GMT <![CDATA[Decoder Improved Burp Suite plugin release part one]]> Burp Suite’s built-in decoder component, while useful, is missing important features and cannot be extended. To remedy this...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/decoder-improved-burp-suite-plugin-release-part-1/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/decoder-improved-burp-suite-plugin-release-part-1/ Wed, 13 Sep 2017 00:00:00 GMT <![CDATA[NCC Group at BSides Manchester 2017]]> In August, BSides Manchester returned for its fourth year, providing a fantastic showcase of the northern InfoSec community...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/ncc-group-at-bsides-manchester-2017/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/ncc-group-at-bsides-manchester-2017/ Tue, 12 Sep 2017 02:00:00 GMT <![CDATA[Rare ASP.NET request validation bypass using request encoding]]> This blog outlines an issue that allowed us to bypass the ASP.NET request validation capability.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/rare-aspnet-request-validation-bypass-using-request-encoding/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/rare-aspnet-request-validation-bypass-using-request-encoding/ Fri, 08 Sep 2017 17:00:00 GMT <![CDATA[Employee spotlight: Tony, Principal Security Consultant, NCC Group North America]]> Tony Cargile, Principal Security Consultant in our Austin office, talks about his time at NCC Group, career progression and more. ]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/employee-spotlight-tony-principal-security-consultant-ncc-group-north-america/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/employee-spotlight-tony-principal-security-consultant-ncc-group-north-america/ Thu, 07 Sep 2017 03:00:00 GMT <![CDATA[Poison Ivy string decryption]]> This is a short and quick blog to share with you, as promised, the IDAPython script used to decrypt Poison Ivy strings...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/poison-ivy-string-decryption/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/poison-ivy-string-decryption/ Thu, 07 Sep 2017 02:00:00 GMT <![CDATA[Invoice fraud: Third party vulnerabilities]]> No matter how secure your IT network is, you or your customers can still be defrauded due to a third party’s vulnerabilities.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/invoice-fraud-third-party-vulnerabilities/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/invoice-fraud-third-party-vulnerabilities/ Wed, 06 Sep 2017 02:00:00 GMT <![CDATA[Common CSRF prevention misconceptions]]> At NCC Group we’ve noticed, among applicants and the general public, some common misconceptions regarding CSRF]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/common-csrf-prevention-misconceptions/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/common-csrf-prevention-misconceptions/ Tue, 05 Sep 2017 00:00:00 GMT <![CDATA[Signaturing an Authenticode anomaly with Yara]]> Investigating the use of Yara to detect inconsistencies between PE file timestamps and Authenticode signing certificates.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/signaturing-an-authenticode-anomaly-with-yara/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/september/signaturing-an-authenticode-anomaly-with-yara/ Fri, 01 Sep 2017 03:00:00 GMT <![CDATA[Analysing a recent Poison Ivy sample]]> In a recent blog post, Fortinet discussed a new version of Poison Ivy spreading through malicious PowerPoint files...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/analysing-a-recent-poison-ivy-sample/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/analysing-a-recent-poison-ivy-sample/ Thu, 31 Aug 2017 02:00:00 GMT <![CDATA[Educational Tools for Binary Ninja]]> A series of plugins designed to improve Binary Ninja’s potential as a tool for beginners.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/educational-tools-for-binary-ninja/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/educational-tools-for-binary-ninja/ Wed, 30 Aug 2017 00:00:00 GMT <![CDATA[DeLux Edition: Getting root privileges on the eLux Thin Client OS]]> While on an engagement I came across a thin client running the eLux Linux distribution...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/delux-edition-getting-root-privileges-on-the-elux-thin-client-os/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/delux-edition-getting-root-privileges-on-the-elux-thin-client-os/ Thu, 24 Aug 2017 02:00:00 GMT <![CDATA[Request encoding to bypass web application firewalls]]> This blog post introduces a technique to send HTTP requests using encoding. This method should be added to the list of tests...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/request-encoding-to-bypass-web-application-firewalls/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/request-encoding-to-bypass-web-application-firewalls/ Wed, 23 Aug 2017 02:00:00 GMT <![CDATA[CENTA: A global cyber advisory practice for regulated industries]]> NCC Group has formed a new global advisory practice called the Centre for Evolved Next-generation Threat Assurance (CENTA).]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/centa-a-global-cyber-advisory-practice-for-regulated-industries/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/centa-a-global-cyber-advisory-practice-for-regulated-industries/ Tue, 22 Aug 2017 02:00:00 GMT <![CDATA[Introducing G-Scout]]> G‐Scout is a tool to help assess the security of Google Cloud Platform (GCP) environment configurations.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/introducing-g-scout/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/introducing-g-scout/ Tue, 15 Aug 2017 00:00:00 GMT <![CDATA[Incremental threat modelling: A follow-up]]> In May 2017, I gave a talk at AppSecEu about incremental threat modelling. The audience was great and we had excellent...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/incremental-threat-modelling-a-follow-up/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/incremental-threat-modelling-a-follow-up/ Mon, 14 Aug 2017 02:00:00 GMT <![CDATA[When a web application SSRF causes the cloud to rain credentials & more]]> This blog post reviews an interesting Server-Side Request Forgery (SSRF) technique against applications that are in cloud...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/when-a-web-application-ssrf-causes-the-cloud-to-rain-credentials-and-more/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/when-a-web-application-ssrf-causes-the-cloud-to-rain-credentials-and-more/ Fri, 11 Aug 2017 00:00:00 GMT <![CDATA[UK government cyber security guidelines for connected & autonomous vehicles]]> The Department for Transport, in conjunction with Centre for the Protection of National Infrastructure (CPNI), has created...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/uk-government-cyber-security-guidelines-for-connected-and-autonomous-vehicles/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/uk-government-cyber-security-guidelines-for-connected-and-autonomous-vehicles/ Tue, 08 Aug 2017 03:00:00 GMT <![CDATA[Smuggling HTA files in Internet Explorer/Edge]]> In this blog post, we will demonstrate how attackers can serve malicious HTML Application files in a way that may bypass...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/smuggling-hta-files-in-internet-exploreredge/ Tue, 08 Aug 2017 02:00:00 GMT <![CDATA[Developing trust and gitting betrayed]]> At NCC Group, one of our core offerings for clients is performing external network penetration tests. In these tests, we...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/developing-trust-and-gitting-betrayed/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/developing-trust-and-gitting-betrayed/ Mon, 07 Aug 2017 00:00:00 GMT <![CDATA[FedEx & TNT Express: A lesson in M&A cyber security due diligence & collateral economic disruption]]> In August 2015, FedEx started an acquisition process of TNT Express which it concluded nine months later in May 2016...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/fedex-and-tnt-express-a-lesson-in-manda-cyber-security-due-diligence-and-collateral-economic-disruption/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/fedex-and-tnt-express-a-lesson-in-manda-cyber-security-due-diligence-and-collateral-economic-disruption/ Thu, 03 Aug 2017 02:00:00 GMT <![CDATA[The value of having a chartered engineer on the team]]> NCC Group's Paul Dart, who has recently achieved chartered engineer status from IET gives an overview of the chartership. ]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/the-value-of-having-a-chartered-engineer-on-the-team/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/august/the-value-of-having-a-chartered-engineer-on-the-team/ Tue, 01 Aug 2017 00:00:00 GMT <![CDATA[Penetration testing: Thinking in scenarios]]> We explore what penetration testing’s various definitions are today and how scenario-based penetration testing allows...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/penetration-testing-thinking-in-scenarios/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/penetration-testing-thinking-in-scenarios/ Fri, 28 Jul 2017 02:00:00 GMT <![CDATA[Sobelow: Static analysis for the Phoenix Framework]]> The Phoenix Framework is a relatively new web framework, powered by the Elixir programming language. Elixir runs on the...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/sobelow-static-analysis-for-the-phoenix-framework/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/sobelow-static-analysis-for-the-phoenix-framework/ Thu, 27 Jul 2017 00:00:00 GMT <![CDATA[Frequently asked questions about ransomware]]> NCC Group’s Tim Anderson has summarised from the frequently asked questions that were featured in our eBook.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/frequently-asked-questions-about-ransomware/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/frequently-asked-questions-about-ransomware/ Tue, 25 Jul 2017 00:00:00 GMT <![CDATA[Silent but deadly? How cyber risk is affecting your insurance]]> This blog discusses the effects of cyber risk to businesses and their insurers.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/silent-but-deadly-how-cyber-risk-is-affecting-your-insurance/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/silent-but-deadly-how-cyber-risk-is-affecting-your-insurance/ Fri, 21 Jul 2017 15:00:00 GMT <![CDATA[Call Map: A tool for navigating call graphs in Python]]> Call Map is a tool for navigating call graphs in Python, with plans to support other languages. A call graph is a natural way...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/call-map-a-tool-for-navigating-call-graphs-in-python/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/call-map-a-tool-for-navigating-call-graphs-in-python/ Tue, 18 Jul 2017 00:00:00 GMT <![CDATA[UK Transport Strategy 2017 - A cyber security view: Part 1 - London]]> This blog focuses on the impact of the new transport strategies from the Mayor of London and Transport for London.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/uk-transport-strategy-2017-a-cyber-security-view-part-1-london/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/uk-transport-strategy-2017-a-cyber-security-view-part-1-london/ Fri, 14 Jul 2017 12:00:00 GMT <![CDATA[When batteries go bang as electric cars charge: Insights from a cyber security perspective]]> Insights from a cyber security perspective as to why lithium-ion batteries catch fire.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/when-batteries-go-bang-as-electric-cars-charge-insights-from-a-cyber-security-perspective/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/when-batteries-go-bang-as-electric-cars-charge-insights-from-a-cyber-security-perspective/ Thu, 13 Jul 2017 00:00:00 GMT <![CDATA[NCC Group recognised for cyber security efforts in maritime sector]]> On Friday, NCC Group was delighted to be a shortlisted runner-up in the Cyber Security category at the Seatrade Awards. ]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/ncc-group-recognised-for-cyber-security-efforts-in-maritime-sector/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/july/ncc-group-recognised-for-cyber-security-efforts-in-maritime-sector/ Wed, 05 Jul 2017 00:00:00 GMT <![CDATA[Live incident blog: June Global ransomware outbreak]]> Today we saw another outbreak of ransomware. This blog is live and will be updated as we know more.]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/june/live-incident-blog-june-global-ransomware-outbreak/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/june/live-incident-blog-june-global-ransomware-outbreak/ Tue, 27 Jun 2017 02:00:00 GMT <![CDATA[How NCC Group’s Network Threat Monitoring service identified an undiscovered Remote Access Trojan]]> If you pay attention to the news, it may seem as though a different organisation is being breached almost every day by new and...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/june/how-ncc-groups-network-threat-monitoring-service-identified-an-undiscovered-remote-access-trojan/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/june/how-ncc-groups-network-threat-monitoring-service-identified-an-undiscovered-remote-access-trojan/ Tue, 27 Jun 2017 02:00:00 GMT <![CDATA[A WarCon 2017 presentation: Cisco ASA - Exploiting the IKEv1 heap overflow - CVE-2016-1287]]> Exodus Intel released a proof of concept (POC) in early 2016, demonstrating how to obtain remote code execution on...]]> https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/june/a-warcon-2017-presentation-cisco-asa-exploiting-the-ikev1-heap-overflow-cve-2016-1287/ https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/june/a-warcon-2017-presentation-cisco-asa-exploiting-the-ikev1-heap-overflow-cve-2016-1287/ Thu, 15 Jun 2017 01:00:00 GMT