ConCon Blog

Show left menu  
Hide left menu  
DNS image
DNSWatch - When a full DNS tunnel is just too much

By Sven Schlueter, 07 July 2015

During certain engagements it is a requirement to extract data from a network - or at least prove that it would be possible in different ways. One common and very ...

Vulnerability Statistics & Trends in 2015

By Steven Lamb, 22 June 2015

I have conducted research using Context’s penetration testing management database across 3,475 web application and infrastructure penetration tests for the years 2013, 2014 & 2015. The research included a statistical ...

The recent US government data breach: big data techniques, a driving force behind a large scale cyber espionage programme?

By Tom Williams, 10 June 2015

The recent cyber-attack against the Office of Personnel Management (OPM) has resulted in the compromise of data relating to millions of current and former United States (US) government employees. In ...

Manually Testing SSL/TLS Weaknesses

By Jay Kalsi and Daniel Mossop, 01 June 2015

The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols aim to provide client and server systems with a means of establishing an encrypted communication channel. Though best known ...

Ramble icon
The Emergence of Bluetooth Low Energy

By Scott Lester, 21 May 2015

IntroductionThis blog is about Bluetooth Low Energy (BLE), which is the relatively new, lower-power version of the Bluetooth protocol. BLE was introduced in version 4.0 of the Bluetooth Core Specification, ...

Wireless Gridlock in the IoT

By Alex Farrant, 13 May 2015

“What good is a phone call when you are unable to speak?” Introduction When people mention the Internet of Things (IoT) and congestion they’re likely referring to novel solutions to ...

Legal scales
Breaking the law: the legal sector remains an attractive target; why not turn cyber security into an opportunity?

By Tom Williams, 13 April 2015

The legal sector will remain an attractive target for the full spectrum of threat actors; cyber-criminals, hacktivists, state-sponsored groups. Unsurprisingly, this is due to the wealth of sensitive data held ...

Back to Top