NCC Group was recently posed the following by one of our UK CISO Research Council members: ‘Blockchain (especially BitCoin) is highly dependent on elliptic curve crypto and hashes like SHA256 and RIPEMD-160, which are all vulnerable to quantum computing attacks using Shaw’s and Grover’s algorithms. The banks are all going headlong into Blockchain generically and […]
In this threat brief we will discuss the existence of embedded USB keyboards that are becoming increasingly common, these keyboard like devices can be used to bypass the security enhancements in modern operating systems or configuration settings that stop the automatic execution of code from USB devices. However these devices are being exploited and presented […]
In September 2012 NCC Group noted a security issue relating to the use of ASP.NET forms authentication in a shared/cloud hosting environment, which could potentially allow an attacker to successfully authenticate to an application for which they do not have valid credentials. This threat brief will discuss this issue in more details on the attacks […]