Latest news

Securityincident in je OT omgeving? Zo ben je optimaal voorbereid.

Securityincident in je OT omgeving? Zo ben je optimaal voorbereid.

Operationele Technologie (OT) is hard- en software die zorgt voor de aansturing en monitoring van industriële systemen. Dit zie je bijvoorbeeld terug in de maakindustrie, de zware industrie en bij kritieke infrastructuur. Denk aan de hardware die nodig is voor het aansturen van een brug of sluis, maar ook een MRI scanner behoort tot de OT appliances.

DDoS attacks on the rise - an anomaly or a resurgence?

DDoS attacks on the rise - an anomaly or a resurgence?

Distributed Denial of Service (DDoS) attacks have been the subject of much discussion across the security community with the number of attacks on the rise. We take a look at what this could mean for organisations and whether a resurgence is on the cards.

The scale and threat of Ransomware: UK Parliament Committee invites NCC Group’s Ollie Whitehouse to give evidence

The scale and threat of Ransomware: UK Parliament Committee invites NCC Group’s Ollie Whitehouse to give evidence

This week, NCC Group’s Global CTO, Ollie Whitehouse was called as an expert witness to the UK Parliament Joint Committee on the National Security Strategy’s inquiry into ransomware.

What does the EU-US Trans-Atlantic Data Privacy Framework mean for organisations?

What does the EU-US Trans-Atlantic Data Privacy Framework mean for organisations?

Stephen Bailey, Global Privacy Services practice lead at NCC Group shares a useful summary of the new European Union & United States data privacy network – the Trans-Atlantic Data Privacy Framework and what it means for organisations and individuals.

NCC Group Monthly Threat Pulse – October 2022

NCC Group Monthly Threat Pulse – October 2022

Analysis from NCC Group’s NCC Group’s Global Threat Intelligence team has revealed a decrease in ransomware attacks in October, but a sharp rise in DDoS attacks with the highest number of incidents observed this year.

My Path to Progression: Campaign Manager to Global Standards and Support Officer

My Path to Progression: Campaign Manager to Global Standards and Support Officer

Through our Path to Progression blog series, we’re sharing colleague stories about how individuals have developed, changed and grown their career within NCC Group. In today's blog post, we spoke to Stephanie Lynch-Ozanar to hear more about how she made the move from a Campaign Manager to becoming a Global Standards and Support Officer.

Social media

In the week that the European Council formally adopted NIS2 to replace the current directive on security of network and information systems (NIS) & the UK Gov confirmed plans to update NIS regulations as they apply to the UK, we explore what this means. https://t.co/ydZ9BARYlS

@NCCGroupplc

After nearly four years into my role, I am stepping down as NCC Group’s SVP & Global Head of Research. In part just for myself, to reflect on a whirlwind few years, and in part as a thank you and celebration of all of the incredible researchers with whom I have had the privilege of … Continue reading So long and thanks for all the 0day →

So long and thanks for all the 0day
Happy Thanksgiving, from our family to yours. https://t.co/Z9Qsm4bmrt

Happy Thanksgiving, from our family to yours. https://t.co/Z9Qsm4bmrt

@NCCGroupplc
Over the last two weeks and in the lead up to Thanksgiving, a national holiday based around giving back and expressing gratitude, we’ve been in our San Francisco, Atlanta and Chicago office promoting our global Giving Back programme. During this time, our North American colleagues have been engaging in a whole host of Giving Back related activity, from finding out more about local volunteering opportunities to providing feedback on how we can increase our skills based giving to enhance the programme for 2023! In case you were wondering what else they got up to, they also managed to: ⭐️Raise over £1000 for Make A Wish ⭐️ Make donations to several different charities ⭐️ Hold three office Giving Back Days ⭐️ Send boxes of stuffed toys to local shelters, hospitals, and children’s homes Go team! #GivingBack #SocialSustainability

Over the last two weeks and in the lead up to Thanksgiving, a national holiday based around giving back and expressing gratitude, we’ve been in our San Francisco, Atlanta and Chicago office promoting our global Giving Back programme. During this time, our North American colleagues have been engaging in a whole host of Giving Back related activity, from finding out more about local volunteering opportunities to providing feedback on how we can increase our skills based giving to enhance the programme for 2023! In case you were wondering what else they got up to, they also managed to: ⭐️Raise over £1000 for Make A Wish ⭐️ Make donations to several different charities ⭐️ Hold three office Giving Back Days ⭐️ Send boxes of stuffed toys to local shelters, hospitals, and children’s homes Go team! #GivingBack #SocialSustainability

lifeatnccgroup

First things first: there is now a specification for the jq255e and jq255s elliptic curves; it is published on the C2SP initiative and is formally in (draft) version 0.0.1: https://github.com/C2SP/C2SP/blob/main/jq255.md The jq255e and jq255s groups are prime-order groups appropriate for building cryptographic protocols, and based on elliptic curves. These curves are from the large class … Continue reading A jq255 Elliptic Curve Specification, and a Retrospective →

A jq255 Elliptic Curve Specification, and a Retrospective

Summary NXP System-on-a-Chip (SoC) fuse configurations with the SDP READ_REGISTER operation disabled (SDP_READ_DISABLE=1) but other serial download functionality still enabled (SDP_DISABLE=0) can be abused to read memory contents in warm and cold boot attack scenarios. In lieu of an enabled SDP READ_REGISTER operation, an attacker can use a series of timed SDP WRITE_DCD commands to … Continue reading Technical Advisory – NXP i.MX SDP_READ_DISABLE Fuse Bypass (CVE-2022-45163) →

Technical Advisory – NXP i.MX SDP_READ_DISABLE Fuse Bypass (CVE-2022-45163)
Our latest Monthly Threat Pulse is out with a rundown on the key highlights and trends seen in October – including the most targeted sectors, regions and most active threat actors. https://t.co/98iv6ZoZ00 https://t.co/oOeTNI67td

Our latest Monthly Threat Pulse is out with a rundown on the key highlights and trends seen in October – including the most targeted sectors, regions and most active threat actors. https://t.co/98iv6ZoZ00 https://t.co/oOeTNI67td

@NCCGroupplc
Our latest spotlight is on Stephanie Lynch-Ozanar, who spoke to us about her journey from Campaign Manager to Global Standards and Support Officer. Find out more about her experience, including her work for a cyber charity, in our latest blog on our newsroom (link in bio). #WeAreNCCGroup #MyPathToProgression #CareersInCyber #BehindTheScreens #CyberSecurity

Our latest spotlight is on Stephanie Lynch-Ozanar, who spoke to us about her journey from Campaign Manager to Global Standards and Support Officer. Find out more about her experience, including her work for a cyber charity, in our latest blog on our newsroom (link in bio). #WeAreNCCGroup #MyPathToProgression #CareersInCyber #BehindTheScreens #CyberSecurity

lifeatnccgroup
On Veterans Day, we honor all who served. https://t.co/VQmgp1G4KL

On Veterans Day, we honor all who served. https://t.co/VQmgp1G4KL

@NCCGroupplc
Lest we forget, this Remembrance Day. https://t.co/iOOtAUVb8R

Lest we forget, this Remembrance Day. https://t.co/iOOtAUVb8R

@NCCGroupplc

Web3 Decoder is a Burp Suite Extension that allows to decode “web3” JSON-RPC calls that interact with smart contracts in a EVM blockchain. As it is said that a picture is worth a thousand words, the following two screenshots shows a Raw JSON-RPC call, and its decoded function call: Background When auditing a DApp (Decentralized … Continue reading Tool Release – Web3 Decoder Burp Suite Extension →

Tool Release – Web3 Decoder Burp Suite Extension

Slides from a fifteen minute lightening talk on detection opportunities for implant framework behaviour on Windows.

Tales of Windows detection opportunities for an implant framework

Press contacts

NCC Group Press Office

NCC Group Press Office

Press contact All media enquires relating to NCC Group plc +44 7824 412 405
NCC Group - Financial Media Enquiries

NCC Group - Financial Media Enquiries

Press contact Maitland AMO Financial Results Media Enquiries +44 (0)20 7379 5151
Regional Press Office - North America

Regional Press Office - North America

Press contact +1 408 776 1400
Regional Press Office - Europe

Regional Press Office - Europe

Press contact +31 20 794 4737

NCC Group exists to make the world safer and more secure

In today’s threat landscape understanding the risks organisations and customers are exposed to is more important than ever.

Understanding the impact and how to be more resilient is key to protecting brand, reputation and sensitive customer information. Building a cyber-resilient organization can be a complex process but it’s not impossible.

With our knowledge, experience and global footprint, we help assess, develop and manage cyber resilience posture.

NCC Group Newsroom
XYZ Building, 2 Hardman Boulevard, Spinningfield
M3 3AQ Manchester
United Kingdom
NCC Group customer website
NCC Group corporate website
NCC Group Cyberstore