ConCon Blog

Applocker Bypass via Registry Key Manipulation

By Francesco Mifsud, 19 May 2017

AppLocker is the de facto standard for locking down Windows machines. It is new to Windows 7 and Windows Server 2008 R2 and is the successor to Software Restriction Policies (SRP). ...

Protecting Against the Insider Threat
Lessons learned from WannaCry

By Tim Erridge, 19 May 2017

In the wake of the WannaCry ransomware cyber-attack, which had such a significant impact on the UK’s NHS, amongst many other organisations worldwide, I am mindful of my simple mantra: ...

WannaCry: What you need to know

16 May 2017

Following the “WannaCry” cyber-attacks last Friday, we have put together a short briefing note with some essential information about the attack, what it is and how it works, and some ...

Exploiting Vulnerable Pandas

By Tom Moreton, 05 May 2017

There’s been some debate recently (see the work of Tavis Ormandy, Project Zero) around whether security applications such as Anti-Virus make devices more secure, or whether their greater attack surface ...

The Road to Resilience
The Resilient Road to Recovery

By Paul Martin, 20 April 2017

“It’s not a matter of if your network is compromised but when”. This phrase may be one of the tired clichés of cyber security, but it is true nonetheless. All ...

Making an NTFS Volume Mountable by Tinkering with the VBR

By Adam Bridge, 29 March 2017

We recently had to do disk forensics of 10 disks, each of which had a BitLocker encrypted C volume. We were working with E01s, but no real problem, the organisation's ...

Forensic Imaging. So this should now boot... right?

By Matt Raeburn, 15 March 2017

Often within forensics an investigation can benefit from analysing the machine as the user would see it. This can lead to artefacts being found that may not be obvious when ...
