ConCon Blog

Show left menu  
Hide left menu  
Wireless Gridlock in the IoT

By Alex Farrant, 13 May 2015

“What good is a phone call when you are unable to speak?” Introduction When people mention the Internet of Things (IoT) and congestion they’re likely referring to novel solutions to ...

Legal scales
Breaking the law: the legal sector remains an attractive target; why not turn cyber security into an opportunity?

By Tom Williams, 13 April 2015

The legal sector will remain an attractive target for the full spectrum of threat actors; cyber-criminals, hacktivists, state-sponsored groups. Unsurprisingly, this is due to the wealth of sensitive data held ...

SQL Inception: How to select yourself

By Aaron Devaney, 30 March 2015

In this blog post I will describe a few ways to view the whole SQL statement being executed as part of a SQL injection attack. Currently, unless the vulnerable page ...

RFID Tags in Access Control Systems

By Christian Becker, 16 March 2015

One of our recent engagements required us to explore an unknown RFID tag which was used as part of an access control system. The objective of this engagement was to ...

Thanks for the Memories: Identifying Malware from a Memory Capture

By Adam Bridge, 02 March 2015

We've all seen attackers try and disguise their running malware as something legitimate. They might use a file name of a legitimate Windows file or even inject code into a ...

Java Obfuscation
Automating Removal of Java Obfuscation

By David Klein, 16 Feb. 2015

In this post we detail a method to improve analysis of Java code for a particular obfuscator, we document the process that was followed and demonstrate the results of automating ...

Evasive Measures: "faxmessage.php" malware delivery

By Deryl Slight and Matt Raeburn, 10 Dec. 2014

In the ongoing malware arms race attackers are always trying to find creative ways to bypass detection, and this isn’t something that is limited to targeted threat actors. In fact ...

Back to Top