NCC Group's blog is the central area to share ideas, discuss research and offer insights into the industry's most challenging subjects.

We aim to offer you a trusted and valued place to engage with passionate and experienced experts across the field of information assurance.

  1. Main Image

    Violating the Virtual Channel – RDP Testing

    Introduction As security consultants we often come across situations where we have access to an RDP server that has been locked down fairly ...

    Read full post
  2. Main Image

    Digital Strategy in the boardroom

    Business Insights Introduction Digital is here and here to stay but research [1] suggests that the boardroom is far too slow to implement co ...

    Read full post
  3. Main Image

    Truecrypt Phase Two Audit Announced

    iSEC Partners, part of NCC Group, completed the first phase of the Truecrypt audit almost a year ago, focusing on the Windows kernel code, b ...

    Read full post
  4. Main Image

    Technology doping: Competitive advantage by abusing security flaws in smart sports equipment

    Introduction The term “Technology doping” has recently been used [1] to mean the practice of gaining a competitive advantage through using s ...

    Read full post
  5. Main Image

    Secure Software: So you have a threat model, now what?

    Introduction Let us assume your organisation had understood the importance of threat modelling and run the exercise. Now you have a report: ...

    Read full post
  6. Main Image

    How we helped a major CDN identify and fix a faulty node

    The value of synthetic monitoring

    Read full post
  7. Main Image

    Cyber criminals “love” Valentine’s Day

    As Valentine’s Day fast approaches security experts have urged people to keep their wits about them when online as cyber criminals often use ...

    Read full post
  8. Main Image

    DARPA OnStar Vulnerability Analysis

    Introduction In a report [1] by US TV show “60 Minutes” about DARPA [2] and the Internet of Things, the Department of Defence has shown that ...

    Read full post
  9. Main Image

    A cynic’s view of 2015 security predictions – Part three

    Introduction  A number of security predictions have been doing the rounds over the last few weeks, so I decided to put pen to paper and writ ...

    Read full post