Total results: 2473
Page 1 of 99
Filters
Topics
- Cyber Security (461)
- Research (409)
- Consulting (402)
- Technology, general (395)
- Whitepapers (238)
- Computer security (230)
- Technical advisories (224)
- Vulnerability (173)
- Cryptography (126)
- Tool Release (115)
- Hardware & Embedded Systems (113)
- Public tools (107)
- Threat Intelligence (107)
- General Consulting (94)
- Technology (85)
- Public Reports (66)
- Insights & Viewpoints (64)
- Digital Forensics and Incident Response (DFIR) (62)
- Presentations (56)
- Increasing regulatory & legislative requirements (53)
- iSec Partners (52)
- Reverse Engineering (50)
- Tutorial/Study Guide (50)
- Assessments (49)
- Growing threat landscape (45)
- Regulations & Legislation (42)
- Conferences (40)
- Machine Learning (40)
- Cloud Security (39)
- Cloud & Containerization (37)
- Securing our connected future (36)
- Patch notifications (35)
- VSR (32)
- Insight Space (28)
- North American Research (28)
- Uncategorized (28)
- Working life (26)
- Offensive Security & Artificial Intelligence (25)
- UK (24)
- Managed Detection & Response (22)
- Ransomware (22)
- Reducing Vulnerabilities at Scale (22)
- Research Paper (22)
- Transport (20)
- Fox-IT (19)
- Sustainability (18)
- Books (17)
- Detection and Threat Hunting (17)
- Standards (15)
- Third-Party Risk Management (14)
- Emerging Technologies (13)
- Vulnerability Research (13)
- Gender (12)
- Managed Detection & Response (MDR) (12)
- Public interest technology (12)
- Virtualization, Emulation, & Containerization (11)
- 5G Security & Smart Environments (10)
- Artificial Intelligence (10)
- Gaming & Media (10)
- Inclusion and Diversity (10)
- NCC Conversations (10)
- Operational Technology (10)
- Social issues (10)
- UK Research (10)
- #eachforequal (9)
- Blockchain (9)
- Business Insights (9)
- Finance (9)
- Giving Back (9)
- Politics (9)
- Talent and Careers (9)
- Risk Management & Governance (8)
- Corporate (7)
- Cyber as a Science (7)
- Fox-IT and European Research (7)
- General (7)
- Remediation (7)
- Supply Chain Management (7)
- Working Environment (7)
- Crises, Incident (6)
- Data, Telecom, IT (6)
- Engineering (6)
- Health, Health Care, Pharmaceuticals (6)
- Security (6)
- #People - making the world safer and more secure (5)
- Crime (5)
- Government (5)
- MXDR (5)
- Partnerships, cooperations (5)
- Telecom (5)
- Annual Research Report (4)
- Awards (4)
- Awards & Recognition (4)
- General data (4)
- IT Consulting (4)
- Law (4)
- Mental Health (4)
- Reports (4)
- Science, technology (4)
- Threat briefs (4)
- APAC (3)
- Academic Partnership (3)
- Business enterprise (3)
- CYBERUK (3)
- Cars and traffic (3)
- Children, Youth (3)
- Corona (3)
- Data (3)
- Gender equality (3)
- Legacy Systems (3)
- People (3)
- School (3)
- Software Resilience (3)
- Technology Policy (3)
- UK cyber security policy (3)
- USA (3)
- Crime, Law, Legal affairs (2)
- Crises (2)
- Crypto (2)
- DDoS Assured (2)
- Education (2)
- Expert Insights (2)
- Incident Response (2)
- Intern Projects (2)
- Legal affairs (2)
- Microsoft (2)
- Misinformation, Deepfakes, & Synthetic Media (2)
- PCI DSS (2)
- Politics, general (2)
- Public sector (2)
- Resources (2)
- Smart cities (2)
- Social issues, General (2)
- Sustainability/CSR (2)
- Teaching, Learning (2)
- University, University College (2)
- Webinar (2)
- escrow (2)
- future of cyber (2)
- (1)
- ADD (1)
- ADHD (1)
- Adult education (1)
- Alumni Network (1)
- Annual and interim reports (1)
- Asia Pacific Research (1)
- Business enterprise, General (1)
- CTFs/Microcorruption (1)
- Communication (1)
- Current events (1)
- Cyber Advice (1)
- Cyber Talent Development (1)
- Defence issues (1)
- Disclosure Policy (1)
- Economy (1)
- Economy, Finance (1)
- Educational sciences (1)
- Elections (1)
- Energy (1)
- Energy issues (1)
- Finance and Professional Services (1)
- Fintech (1)
- Fraud (1)
- Industry, manufacturing (1)
- Infrastructure (1)
- Investor Relations (1)
- IoT (1)
- LGBTQIA+ (1)
- Law, Justice (1)
- MDR (1)
- MISA (1)
- MVSS (1)
- Managed Detection and Response (1)
- Mental Wellbeing (1)
- Parliament (1)
- Petroleum, Oil, Gas (1)
- Pride (1)
- Radio, TV (1)
- Science, general (1)
- Secure Development Lifecycle (SDL) (1)
- Sentinel (1)
- Services, Consulting (1)
- Society (1)
- Solutions (1)
- Spa, fitness, well-being (1)
- Supply Chain (1)
- Telecommunication, mobile telephony (1)
- Training (1)
- Web services (1)
- collaboration (1)
- computer misuse act (1)
- critical national infrastructure (1)
- cyber resilience (1)
- deepfake (1)
- healthcare (1)
- hospital (1)
- legal (1)
- next generation talent (1)
- protocol_name (1)
- recruitment (1)
- remediate (1)
- remediation (1)
- remote working (1)
- security consultant (1)
- smart tvs (1)
- threatintel (1)
Sectors
- Research (1324)
- News (419)
- Article (259)
- Press Release (113)
- Case Studies (47)
- Transport (22)
- Financial Services (21)
- Public Sector & Government Services (17)
- Tech, Media & Telecoms (15)
- Whitepapers (15)
- Cyber Advice & Insights (13)
- Events (9)
- Healthcare (9)
- Energy & Utilities (7)
- Videos (7)
- Guides & Datasheets (6)
- Retail & Consumer Markets (6)
- Webinars (6)
- Education (5)
- Maritime (5)
- Aviation & Aerospace (4)
- Manufacturing (4)
- (3)
- Software Vendors (3)
- Legal & Professional Services (2)
- Commodities (1)
- Infographics (1)
- Software Resilience (1)
Hunted – the game is on – NCC Group hunters back for another year
News Technology, general Consulting Computer security Radio, TV Cyber Security Our long-running partnership with the TV show Hunted continues for another year with the launch of the UK Celebrity series last weekend. First aired in 2014, ‘Hunted’ is a real-life thriller where contestants are instruct…
C Language Standards Update – Zero
Research Research Standards North American Research [Editor’s Note: Robert Seacord of NCC Group is a longstanding member of the C Standards Committee. In this blog post, he outlines a recently adopted change he proposed to the C Language Standard, to help eliminate double-free vulnerabilities being…
NCC Group and Vodafone working together to help organisations balance security and connectivity
News Technology, general Consulting Computer security We have partnered with technology communications company Vodafone as it expands its portfolio of cybersecurity products and services for the critical national infrastructure and public sectors. Vodafone Business Security Enhanced (VBSE) has been…
Violating Database – Enforced Security Mechanisms
Research Cyber Security Whitepapers This paper discusses the feasibility of violating the access control, authentication and audit mechanisms of a running process in the Windows server operating systems. Specifically, it discusses the feasibility of totally disabling application – enforced access co…
Abusing Blu
Research Vulnerability tl;dr In today’s (28 February) closing keynote talk at the Abertay Ethical Hacking Society’s Securi-Tay conference, NCC Group was present and I discussed how it was possible to build a malicious Blu-ray disc. By combining different vulnerabilities in Blu-ray players we have bu…
New Attack Vectors and a Vulnerability Dissection of MS03
Research Cyber Security Whitepapers On the 17th of March 2003 Microsoft announced a patch to fix a security vulnerability at the centre of the Windows 2000 operating system. In this paper we will discuss a number of new attack vectors that we have discovered on the same operating system, including j…
Symantec Message Filter Unauthenticated verbose software version information disclosure
Research Cyber Security Patch notifications This patch notification details a low risk vulnerability in Symantec Message Filter, discovered by Ben Williams. Download patch notification NCC Group Publication Archive
Testing Two
Research Research More and more applications we test are implementing some form of two-factor authentication (2FA, sometimes known as multi-factor authentication or MFA). This post provides a whirlwind tour of common 2FA mechanisms and detailed information on testing them. How does 2FA Work? The gen…
Using AWS and Azure for Cost Effective Log Ingestion with Data Processing Pipelines for SIEMs
Research Managed Detection & Response tl;dr Liam Stevenson, Associate Director of Technical Services within NCC Group’s Managed Detection Response division, shows how to derive significant cost efficiencies in SIEM platform consumption with smart log ingestion utilising pre-processing data pipelines…
Cyber Security in UK Agriculture
Research Cyber Security Whitepapers This whitepaper addresses the cyber security threat to agriculture and the wider food network. The perspective and primary focus is the United Kingdom but the majority of observations on the structure of markets, technologies and related issues are largely applica…
Organisations could pay the price as heightened risk tolerances expose transformation projects to hackers
Press Release Technology, general Consulting Computer security Cyber Security Insight Space New research from NCC Group suggests that companies have struggled to pay off cyber debts accrued during the pandemic. Digital transformation programmes could be vulnerable to cyber attacks due to increased r…
Singularity of Origin
Research Public tools Singularity of Origin is a robust and easy-to-use tool to perform DNS rebinding attacks. It consists of a DNS and a web server, a web interface to configure and launch an attack, and sample attack payloads. We plan to support this tool and continue to add features and payloads.…
NCC Group’s 2024 Annual Research Report
Whitepapers Research Annual Research Report Research Paper  At NCC Group, we take immense pride in our enduring legacy of conducting independent, world-leading security research that spans all technologies and industries. Our research spans a comprehensive range of security areas, leading to the p…
Research Insights Volume 3 – How are we breaking in: Mobile Security
Research Cyber Security Whitepapers The proliferation of the personal and business use of mobile devices has created a strong demand for mobile security assurance. Mobile apps and devices can suffer from many of the same vulnerabilities as traditional systems but also require new approaches to secur…
Case Study: Remediation for a Manufacturing Organization
Case Studies Remediation Manufacturing Situation NCC Group supported the deployment and implementation of a manufacturer’s technology transformation project. The team was able to avoid significant delays to the launch of the technology’s capabilities, which were being challenged due to findings that…
Mobile Application Security Assessment (MASA)
MASA provides a uniform way to measure alignment with recognized security practices like the OWASP Mobile Application Security Verification Standard (MASVS), on which MASA is based. NCC Group, a founding contributor to MASA, is now an Authorized Lab partner that can ensure your Android mobile app is…
NIS2 Compliance Guide Download
Thank you! Now, here's your copy of the 2024 edition of our Guide to Preparing for the Network and Information Security Directive (NIS2)—How to ensure compliance with the EU’s new harmonising cyber security directive: Download your copy
NCC Group named a Major Player in IDC MarketScape: Worldwide Emerging Managed Detection and Response Services 2024 Vendor Assessment
NCC Group has been recognized as a Major Player in the IDC MarketScape: Worldwide Emerging Managed Detection and Response Services 2024 Vendor Assessment (doc # US50101523, April 2024)  The IDC MarketScape: Worldwide Emerging MDR Service Providers, 2024 Vendor Assessment  identifies and evaluates c…
MCP Bridge Upgrade
A few months ago, we announced[1] the release of our HTTP to MCP Bridge[2], a tool designed to test MCP services using the same methods and tools typically employed in regular web service security testing. We are now releasing a major update to our tool, which includes the following enhancements: St…
News reaction: NCC Group welcomes the UK Government’s AI investment plans and commitment to address security challenges
News Yesterday, UK Prime Minister Sir Keir Starmer announced a £14 billion plan to establish Britain as a leading global centre for artificial intelligence (AI). The government's initiative aims to use AI to boost economic growth and deliver public services more efficiently. Sian John, CTO of NCC G…
Questions to Find the Best Pen Test Supplier
Article Assessments There is a surplus of companies that offer penetration testing services today, but not all provide like-for-like services. To help simplify the decision-making process and help consumers find the best-fit supplier, this article outlines 5 The skills and knowledge of the tester on…
Research Insights Volume 8 – Hardware Design: FPGA Security Risks
Research Hardware & Embedded Systems Whitepapers FPGA stands for field-programmable gate array. An FPGA is a logic device whose function can be changed while the device is in place within its working environment, allowing the hardware processing of a system to be altered by an external configuration…
Security Considerations of zk-SNARK Parameter Multi
Research Research Cryptography Zero-knowledge proofs are cryptographic constructions allowing users to demonstrate the knowledge of some value, without disclosing the value itself. Even though they have been studied for many years, zero-knowledge proofs are seeing renewed interest in blockchain appl…
Oracle Forensics Part 3: Isolating Evidence of Attacks Against the Authentication Mechanism
Research Cyber Security Whitepapers This paper is the 3rd in a series of papers by David Litchfield exploring the topic of Oracle Forensics. In this installment David will be looking at ways to understand if a breach has been successful. The paper will start by exploring attacks against the authenti…
Threat Modeling
Map possible threat vectors that can impact your software, hardware, applications, and more, creating a blueprint for future penetration testing. Discover a new perspective on your security posture with better ROI. Go beyond traditional penetration testing with a more complete view of your systems s…