ConCon Blog

Show left menu  
Hide left menu  
https
Manually Testing SSL/TLS Weaknesses

By Jay Kalsi and Daniel Mossop, 01 June 2015

The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols aim to provide client and server systems with a means of establishing an encrypted communication channel. Though best known ...

Ramble icon
The Emergence of Bluetooth Low Energy

By Scott Lester, 21 May 2015

IntroductionThis blog is about Bluetooth Low Energy (BLE), which is the relatively new, lower-power version of the Bluetooth protocol. BLE was introduced in version 4.0 of the Bluetooth Core Specification, ...

New_York_City_Gridlock.png
Wireless Gridlock in the IoT

By Alex Farrant, 13 May 2015

“What good is a phone call when you are unable to speak?” Introduction When people mention the Internet of Things (IoT) and congestion they’re likely referring to novel solutions to ...

Legal scales
Breaking the law: the legal sector remains an attractive target; why not turn cyber security into an opportunity?

By Tom Williams, 13 April 2015

The legal sector will remain an attractive target for the full spectrum of threat actors; cyber-criminals, hacktivists, state-sponsored groups. Unsurprisingly, this is due to the wealth of sensitive data held ...

SQLMap-Blur.png
SQL Inception: How to select yourself

By Aaron Devaney, 30 March 2015

In this blog post I will describe a few ways to view the whole SQL statement being executed as part of a SQL injection attack. Currently, unless the vulnerable page ...

RFID Tags
RFID Tags in Access Control Systems

By Christian Becker, 16 March 2015

One of our recent engagements required us to explore an unknown RFID tag which was used as part of an access control system. The objective of this engagement was to ...

Memory.png
Thanks for the Memories: Identifying Malware from a Memory Capture

By Adam Bridge, 02 March 2015

We've all seen attackers try and disguise their running malware as something legitimate. They might use a file name of a legitimate Windows file or even inject code into a ...

Back to Top