Skip to navigation Skip to main content Skip to footer

Research Blog

Insights and research from our global cybersecurity team.

Filter content

Reset filters

Distributed Ledger (Blockchain) Security and Quantum Computing Implications

NCC Group was recently posed the following by one of our UK CISO Research Council members: ‘Blockchain (especially BitCoin) is highly dependent on elliptic curve crypto and hashes like SHA256 and RIPEMD-160, which are all vulnerable to quantum computing attacks using Shaw’s and Grover’s algorithms. The banks are all going headlong into Blockchain generically and […]


USB keyboards by post – use of embedded keystroke injectors to bypass autorun restrictions on modern desktop operating systems

In this threat brief we will discuss the existence of embedded USB keyboards that are becoming increasingly common, these keyboard like devices can be used to bypass the security enhancements in modern operating systems or configuration settings that stop the automatic execution of code from USB devices. However these devices are being exploited and presented […]


ASP.NET Security and the Importance of KB2698981 in Cloud Environments

In September 2012 NCC Group noted a security issue relating to the use of ASP.NET forms authentication in a shared/cloud hosting environment, which could potentially allow an attacker to successfully authenticate to an application for which they do not have valid credentials. This threat brief will discuss this issue in more details on the attacks […]