NCC Group's blog is the central area to share ideas, discuss research and offer insights into the industry's most challenging subjects.

We aim to offer you a trusted and valued place to engage with passionate and experienced experts across the field of information assurance.

  1. Main Image

    SMACK, SKIP-TLS & FREAK SSL/TLS vulnerabilities

    Current event This is a current event and as such this blog post is subject to change over the course of the next couple of days as we perfo ...

    Read full post
  2. Main Image

    New standards enable V2x connectivity in the EU

    Introduction Two EU organisations (ETSI and CEN) have today announced [1] connected car standards that pave the way for V2V (vehicle to vehi ...

    Read full post
  3. Main Image

    Samba _netr_ServerPasswordSet Expoitability Analysis

    tl;dr This is my analysis of the recent pre-auth Samba remote tracked by CVE-2015-0240[1]. It doesn’t appear to be very exploitable to me, b ...

    Read full post
  4. Main Image

    How a Performance Analyser demo turned into something more valuable

    Improving the performance of new user interface for our monitoring product.

    Read full post
  5. Main Image

    Abusing Blu-ray Players Pt. 1 – Sandbox Escapes

    tl;dr In today’s (28 February) closing keynote talk at the Abertay Ethical Hacking Society’s Securi-Tay conference, NCC Group was present an ...

    Read full post
  6. Main Image

    Testing: Delivering the benefits of hindsight

    Introduction  I was recently chatting over a couple of drinks with a good friend and former colleague who works as a senior programme manage ...

    Read full post
  7. Main Image

    Adventures in Xen exploitation

    tl;dr This post is about my experience trying to exploit the Xen SYSRET bug (CVE-2012-0217). This issue was patched in June 2012 and was dis ...

    Read full post
  8. Main Image

    Violating the Virtual Channel – RDP Testing

    Introduction As security consultants we often come across situations where we have access to an RDP server that has been locked down fairly ...

    Read full post