Latest news

An illustration of a person's head against a blue background. Inside the head, there is a dark scribble. (Royalty-free stock vector ID: 1524726482)

NCC Conversations: Men’s mental health

As part of our NCC Conversations series, our colleague Mitch shares his experiences with his mental health to raise the important topic of men's mental health.

NCC Group shares Cyber Insights series on the NatWest Business Hub

NCC Group shares Cyber Insights series on the NatWest Business Hub

Here at NCC Group we are delighted to be part of the NatWest Business Hub to provide our cyber resilience focused content series to help guide businesses and offer them useful insights.

Fast moving landscape

NCC Group uncovers Bluetooth Low Energy (BLE) vulnerability that puts millions of cars, mobile devices and locking systems at risk

Our research shows that systems that people rely on to guard their cars, homes and private data are using Bluetooth proximity authentication mechanisms that can be easily broken with cheap off-the-shelf hardware.

Three key reflections from CYBERUK 2022.

Three key reflections from CYBERUK 2022

Kat Sommer, Head of Public Affairs, reflects on this year’s CYBERUK and two days of conversations centred around the changing nature of ‘the cyber challenge’, as we move away from a period of rebuilding the digital landscape after the pandemic.

Mike Maddison appointed Chief Executive Officer of NCC Group

Mike Maddison appointed Chief Executive Officer of NCC Group

NCC Group is pleased to announce the appointment of Mike Maddison as Chief Executive Officer following Adam Palser’s decision to step down after more than four and a half years in the role.

My Path to Progression: James Durham

My Path to Progression: Talent Acquisition to Security Consulting

In the second instalment in our Path to Progression series, our Talent Attraction team spoke to James Durham to hear more about his journey so far and how he made the move from a Technical & Security Sourcing Executive in our Talent Acquisition Team to becoming a Senior Security Consultant.

Upcoming events

Royalty-free stock vector ID: 462311434

Do you understand the cyber risks in your Private Equity Portfolio?

Event date 26 May 2022 08:00 – 10:00

Social media

MetaStealer is a new information stealer variant designed to fill the void following Racoon stealer suspending operations in March of this year.

Metastealer – filling the Racoon void
In our latest #MySwitch2Cyber blog, John shares his story of switching careers from being a Maintenance Technician to Associate Security Consultant! Get all the info on our newsroom via the link in our bio. #WeAreNCCGroup #CareersInCyber #CyberCareers #BlogSeries Plus… #BonusPetOfNCCGroup 🐶

In our latest #MySwitch2Cyber blog, John shares his story of switching careers from being a Maintenance Technician to Associate Security Consultant! Get all the info on our newsroom via the link in our bio. #WeAreNCCGroup #CareersInCyber #CyberCareers #BlogSeries Plus… #BonusPetOfNCCGroup 🐶

lifeatnccgroup
The hunt is on! We’re back partnering with @Hunted_HQ once again as the new series launches this weekend https://t.co/ysK56mtsCP

The hunt is on! We’re back partnering with @Hunted_HQ once again as the new series launches this weekend https://t.co/ysK56mtsCP

@NCCGroupplc

(The version of Ghidra used in this article is 10.1.2. For the Go string recovery tool release, skip ahead to Ghostrings Release.) Introduction A well-known issue with reverse engineering Go programs is that the lack of null terminators in Go strings makes recovering string definitions from compiled binaries difficult. Within a compiled Go program, many … Continue reading earlyremoval, in the Conservatory, with the Wrench: Exploring Ghidra’s decompiler internals to make automatic P-Code analysis scripts →

earlyremoval, in the Conservatory, with the Wrench: Exploring Ghidra’s decompiler internals to make automatic P-Code analysis scripts

Introduction Ghostrings is a collection of Ghidra scripts for recovering string definitions in Go binaries with P-Code analysis. A well-known issue with reverse engineering Go programs is that the lack of null terminators in Go strings makes recovering string definitions from compiled binaries difficult. Within a compiled Go program, many of the constant string values … Continue reading Tool Release – Ghostrings →

Tool Release – Ghostrings

As part of our #NCCConversations series, our colleague Mitch shared his experiences with his #MentalHealth to raise the important topic of men's mental health. https://t.co/VXNKl8WRUq

@NCCGroupplc

Summary The Kwikset/Weiser Kevo line of smart locks support Bluetooth Low Energy (BLE) passive entry through their Touch-to-Open functionality. When a user touches the exterior portion of the lock, the lock checks that an authorized BLE device is exterior to and within a short distance of the smart lock, and then performs a cryptographic handshake … Continue reading Technical Advisory – Kwikset/Weiser BLE Proximity Authentication in Kevo Smart Locks Vulnerable to Relay Attacks →

Technical Advisory – Kwikset/Weiser BLE Proximity Authentication in Kevo Smart Locks Vulnerable to Relay Attacks

Summary The Tesla Model 3 and Model Y employ a Bluetooth Low Energy (BLE) based passive entry system. This system allows users with an authorized mobile device or key fob within a short range of the vehicle to unlock and operate the vehicle, with no user interaction required on the mobile device or key fob. … Continue reading Technical Advisory – Tesla BLE Phone-as-a-Key Passive Entry Vulnerable to Relay Attacks →

Technical Advisory – Tesla BLE Phone-as-a-Key Passive Entry Vulnerable to Relay Attacks

Summary Many products implement Bluetooth Low Energy (BLE) based proximity authentication, where the product unlocks or remains unlocked when a trusted BLE device is determined to be nearby. Common examples of such products include automotive Phone-as-a-Key systems, residential smart locks, BLE-based commercial building access control systems, and smartphones and laptops with trusted BLE device functionality. … Continue reading Technical Advisory – BLE Proximity Authentication Vulnerable to Relay Attacks →

Technical Advisory – BLE Proximity Authentication Vulnerable to Relay Attacks
Kat Sommer, Head of Public Affairs, reflects on this year’s #CYBERUK and two days of conversations centred around the changing nature of ‘the cyber challenge’, as we move away from a period of rebuilding the digital landscape: https://t.co/vZGfet60ok. #CYBERUK22 https://t.co/UUlu7oeUe3

Kat Sommer, Head of Public Affairs, reflects on this year’s #CYBERUK and two days of conversations centred around the changing nature of ‘the cyber challenge’, as we move away from a period of rebuilding the digital landscape: https://t.co/vZGfet60ok. #CYBERUK22 https://t.co/UUlu7oeUe3

@NCCGroupplc
The latest episode of #TalkingCyber is available now. Join host David Brauchler and Damon Small as they discuss the importance of soft skills for consultants, and how it’s not always about being the smartest person in the room. Listen here: https://t.co/uGTNVPuWwo. https://t.co/BylSF8eQo2

The latest episode of #TalkingCyber is available now. Join host David Brauchler and Damon Small as they discuss the importance of soft skills for consultants, and how it’s not always about being the smartest person in the room. Listen here: https://t.co/uGTNVPuWwo. https://t.co/BylSF8eQo2

@NCCGroupplc

RT @_Chris_Whelan_: Busy morning at the 2nd & final day of @CYBERUKevents #CyberUK22. Currently attending @NCCGroupplc’s talk on #Malware a…

@NCCGroupplc

Press contacts

NCC Group Press Office

NCC Group Press Office

Press contact All media enquires relating to NCC Group plc +44 7824 412 405
NCC Group - Financial Media Enquiries

NCC Group - Financial Media Enquiries

Press contact Maitland AMO Financial Results Media Enquiries +44 (0)20 7379 5151
Regional Press Office - North America

Regional Press Office - North America

Press contact +1 408 776 1400
Regional Press Office - Europe

Regional Press Office - Europe

Press contact +31 (0)23 562 8208

NCC Group exists to make the world safer and more secure

In today’s threat landscape understanding the risks organisations and customers are exposed to is more important than ever.

Understanding the impact and how to be more resilient is key to protecting brand, reputation and sensitive customer information. Building a cyber-resilient organization can be a complex process but it’s not impossible.

With our knowledge, experience and global footprint, we help assess, develop and manage cyber resilience posture.

NCC Group Newsroom
XYZ Building, 2 Hardman Boulevard, Spinningfield
M3 3AQ Manchester
United Kingdom
NCC Group customer website
NCC Group corporate website
NCC Group Cyberstore