ConCon Blog

Show left menu  
Hide left menu  
IoT devices attack
The Internet of Broken Things: why security testing matters

26 Oct. 2016

The recent Distributed Denial of Service (DDoS) attacks against the security journalist Brian Krebs’ blog and then the Domain Name Service (DNS) provider Dyn (which broke large chunks of the ...

Targeting Android for OTA Exploitation
Targeting Android for OTA Exploitation

By Tom Court and Neil Biggs, 19 Oct. 2016

‘If you know the enemy and know yourself, you need not fear the result of a hundred battles’ – Sun Tsu. Whilst it is unlikely that Sun Tzu had software ...

Free Wifi Zone
The Perils of Public Wireless Networks: How I Stole Your Hash

13 Oct. 2016

It’s a question that gets asked all the time – “How Do I keep my computer secure online?” By now we should all know the usual recommendations, such as using ...

Prevent cyber attack
In the news: TalkTalk hit with record fine

10 Oct. 2016

It was announced recently that telecoms company TalkTalk has been fined £400,000 by the Information Commissioner’s Office (ICO) for failing to prevent the cyber-attack, which allowed an attacker to access ...

Minimising the time to remediation
Minimising the time to remediation

04 Oct. 2016

One of the most popular talks at our summer Oasis 2016 event was delivered by Adam Bridge, Head of Forensics and looked at how organisations can reduce the time to ...

Porting exploits to a Netgear WNR2200

By Jan Mitchell, 21 Sept. 2016

IntroductionSoftware vulnerabilities and the accompanying exploits are still all too common. Fortunately the response to vulnerabilities has got significantly better in recent years, with quick patching of the most critical ...

Analysing & Repurposing Spartan's CVE 2015
Analysing and repurposing Spartan's CVE-2015-7645

By Francesco Mifsud, 15 Sept. 2016

For this blog post we’ve chosen to analyse a Flash exploit utilised by the Spartan Exploit Kit, namely CVE-2015-7645. We'll go through the process of analysing the obfuscated Flash file, ...

Back to Top