NCC Group Archives - Help Net Security

NCC Group

BLE vulnerability may be exploited to unlock cars, smart locks, building doors, smartphones

May 17, 2022

A Bluetooth Low Energy (BLE) vulnerability discovered by NCC Group researchers may be used by attackers to unlock Teslas (or other cars with automotive keyless entry), …

Increased risk tolerances are making digital transformation programs vulnerable

October 26, 2021

Digital transformation programs could be vulnerable to cyber attacks due to increased risk tolerances and ongoing cybersecurity challenges, according to a global research of …

Ransomware attacks increased by 288% in H1 2021

September 6, 2021

Analysis from NCC Group’s Research Intelligence and Fusion Team (RIFT) has highlighted the growing threat of ransomware around the world. The number of ransomware attacks …

Patch bypass flaw in Pulse Secure VPNs can lead to total compromise (CVE-2021-22937)

August 6, 2021

The patch for a vulnerability (CVE-2020-8260) in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich …

AppOmni’s platform protects companies against cloud and SaaS breaches

August 2, 2021

From ransomware to data breaches, global cybersecurity incidents against organizations, governments, and individuals are on the rise. There have been a multitude of attacks …

ioXt Alliance expands its Compliance Program to bring transparency to mobile apps and VPNs

April 19, 2021

The ioXt Alliance announced that it is expanding its ioXt Compliance Program with a new mobile application profile with added requirements for VPN applications. Defined …

Most decision makers plan to increase spending on cybersecurity this year

March 10, 2021

Budget cuts, redundancies, delays to cyber resilience projects and increased remote working in the last 12 months could all have increased organizations’ risk of a cyber …

Actively exploited SonicWall zero-day affects SMA 100 series appliances

February 2, 2021

SonicWall has confirmed that the actively exploited zero-day vulnerability spotted by the NCC Group on Sunday affects its Secure Mobile Access (SMA) 100 series appliances. …

NCC Group Remediate: Providing remedial action and support to strengthen clients’ security postures

October 16, 2020

NCC Group has officially launched its new Remediate service, which provides immediate remedial action and long-term strategic support to strengthen organizations’ …

Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all

July 8, 2020

Attackers are bypassing a mitigation for the BIG-IP TMUI RCE vulnerability (CVE-2020-5902) originally provided by F5 Networks, NCC Group’s Research and Intelligence …

GitHub Security Lab aims to make open source software more secure

November 15, 2019

GitHub, the world’s largest open source code repository and leading software development platform, has launched GitHub Security Lab. “Our team will lead by …

Operational Technology Cyber Security Alliance aims to tackle OT threats

October 22, 2019

Cyber attacks on critical and industrial infrastructure are on the rise, impacting operational reliability and business risk across all industries, including utilities, …

NCC Group

BLE vulnerability may be exploited to unlock cars, smart locks, building doors, smartphones

Increased risk tolerances are making digital transformation programs vulnerable

Ransomware attacks increased by 288% in H1 2021

Patch bypass flaw in Pulse Secure VPNs can lead to total compromise (CVE-2021-22937)

AppOmni’s platform protects companies against cloud and SaaS breaches

ioXt Alliance expands its Compliance Program to bring transparency to mobile apps and VPNs

Most decision makers plan to increase spending on cybersecurity this year

Actively exploited SonicWall zero-day affects SMA 100 series appliances

NCC Group Remediate: Providing remedial action and support to strengthen clients’ security postures

Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all

GitHub Security Lab aims to make open source software more secure

Operational Technology Cyber Security Alliance aims to tackle OT threats

Don't miss

Two business-grade Netgear VPN routers have security vulnerabilities that can’t be fixed

How to ensure that the smart home doesn’t jeopardize data privacy?

U.S. DOJ will no longer prosecute good-faith security researchers under CFAA

VMware issues critical fixes, CISA orders federal agencies to act immediately (CVE-2022-22972)

Many security engineers are already one foot out the door. Why?