Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

NCC Group

Below you will find reports with the source of “NCC Group”

image from Threat Monitor Annual Report 2023

Threat Monitor Annual Report 2023

In this year’s Annual Cyber Threat Monitor Report, we take a look back at the key events that shaped the cyber threat landscape in 2023, as well as looking ahead at the year to come, sharing insights from our Cyber Threat Intelligence team here at NCC Group. 2023 showed signs that the international community is beginning to take the threats from cyber adversaries more seriously. We saw several examples of coordinated law enforcement action against criminal groups, including key ransomware operators and individuals believed to be acting on behalf of foreign intelligence services.

(more available)
Added: March 12, 2024
image from Annual Threat Monitor 2022

Annual Threat Monitor 2022

2022 was another year that kept us on our toes. The threat landscape was heavily influenced by the conflict between Russia and Ukraine, during which we have seen the whole arsenal of offensive cyber capabilities, deployed by criminals, hacktivists, and nation state groups.We saw the overall number of ransomware incidents dip by around 5% compared to the previous year. But, this slight dip does not mean we collectively declare ‘job done’. As a result, we have witnessed several coordinated operations in 2022 that saw arrests of key members of prolific cyber-criminal operations, as well as the disbanding of long-established groups. Least of all Conti, which was 2021’s most active group.”

(more available)
Added: March 7, 2023
image from ZCash Ceremony And Audit

ZCash Ceremony And Audit

This report is based on a security audit of the opening ceremony of ZCash.

Added: October 24, 2018
image from Understanding The Insider Threat And How To Mitigate It

Understanding The Insider Threat And How To Mitigate It

This paper is intended to give a high-level view on the insider threat for those looking to implement a defensive programme. It considers the types of attack that may take place and some of the common weaknesses that aid insider attacks. It also covers some of the policies and controls that can be implemented to detect, deter or defend against the insider threat. This paper is intended to be a summary, however, the final section details further reading and resources that provide more in-depth information.

(more available)
Added: October 23, 2018
image from Understanding Cyber RIsk Management vs Uncertainty With Confidence

Understanding Cyber RIsk Management vs Uncertainty With Confidence

This white paper provides an analysis of Risk Management and overcoming uncertainty.

Added: October 22, 2018
image from TPM Genie: Interposer Attacks Against the Trusted Platform Module Serial Bus

TPM Genie: Interposer Attacks Against the Trusted Platform Module Serial Bus

This report provides an analysis of TPM Genie. TPM Genie is a serial bus interposer which has been designed to aid in the security research of Trusted Platform Module hardware. The tool demonstrates that a man-in- the-middle on the TPM serial bus can undermine many of the stated purposes of the TPM such as measured boot, remote attestation, sealed storage, and the hardware random number generator.

(more available)
Added: October 21, 2018
image from The Economics Of Defense Security

The Economics Of Defense Security

This is a useful article that takes a look at the financial numbers of paying for a defensive strategy vs. paying for a breach. Perfect for accountants, and those who need to understand data from a purely financial side.

(more available)
Added: October 20, 2018
image from Open Banking Security Considerations And Potential Risks

Open Banking Security Considerations And Potential Risks

This report takes a good look at Open Banking, it defines what it is, and considers the security implications for using it.

(more available)
Added: October 19, 2018
image from Network Attached Security Attacking A Synology NAS

Network Attached Security Attacking A Synology NAS

Network-Attached Storage (NAS) devices are a popular way for people to store and share their photos, videos and documents. Securing these devices is essential as they can contain sensitive information and are often exposed to the Internet. Because Synology is one of the top manufacturers of NAS devices, this paper chose to analyze a Synology DS215j. In doing so it identifies a number of exploitable security flaws. In this paper, they discuss in detail the analysis performed, methodologies used, and vulnerabilities found during the summer of 2015.

(more available)
Added: October 18, 2018
image from Matty McMattface:Security Implications, Mitigations & Testing Strategies For BioMetric Facial Recognition Services

Matty McMattface:Security Implications, Mitigations & Testing Strategies For BioMetric Facial Recognition Services

This paper discusses the security issues related to biometric facial recognition applications.

Added: October 17, 2018
image from The Update Framework Security Assessment

The Update Framework Security Assessment

During the summer of 2017, a study was done on the security issues related to the TUF framework.

Added: October 16, 2018
image from Cross-Protocol Request Forgery

Cross-Protocol Request Forgery

This whitepaper formalizes a class of attacks called Cross-Protocol Request Forgery (CPRF) which enables non-HTTP listeners to be exploited through Cross-Site Request Forgery (CSRF) and Server-Side Request Forgery (SSRF). This paper both references existing research and expands upon it in later sections.

(more available)
Added: October 15, 2018
image from CakePHP Security Assessment

CakePHP Security Assessment

This report is based on a study done in 2017 to analyze security issues in CakePHP.

Added: October 14, 2018
© Cyentia Institute 2025
Library updated: July 5, 2025 04:08 UTC (build b1d7be4)