ConCon Blog

Building a SOC: Thinking About Effective Incident Management

By Kat Demidecka, 26 Nov. 2015

While incident response is what we most often talk about, we also do a lot of work helping clients to proactively build resiliency and develop their internal cyber security capability. ...

Data Exfiltration via Blind OS Command Injection

By Craig Donkin, 16 Nov. 2015

On a penetration test or CTF challenge you may come across an application that takes user input and passes it to a system command or to a supporting program that ...

The Cyber Threat and Terrorism

By Tom Williams, 02 Nov. 2015

The concept of cyber terrorism, or extremists utilising offensive cyber techniques, is one that gains wide publicity and grabs attention; but what is the reality of this threat? Russian-based Islamic ...

Make a Django app insecure? It's not easy and that's a good thing!

By Patrick Craston, 19 Oct. 2015

The OWASP Top 10 describes the most critical and most commonly occurring security flaws in web applications. This list is published every three years and although some issues move up ...

Alarm bells ringing!

By Neil Biggs, 05 Oct. 2015

In previous blog posts we examined peripheral devices that are considered to be part of the Internet of Things (IoT), such as printers (Hacking Canon Pixma Printers - Doomed Encryption) ...

Hacking without Computers – An Introduction to Social Engineering

By Owen Wright, 21 Sept. 2015

The concept of manipulating people and processes for some benefit pre-dates the invention of computers and the concept of cyber security, and goes well beyond the realms of IT and ...

Nation States: The Godfathers of Targeted Attacks

By Kat Demidecka, 15 Sept. 2015

For many years the world of targeted cyber attacks was limited to nation states; few others had the understanding, resources or much to gain from carrying out such an attack. ...
