- Aug. 1, 2019
-- MEDIA ADVISORY
NCC Group, one of the largest and most respected cybersecurity consultancies in the world, is a dynamic force in a dynamic field: As a global business with 1,800 colleagues in 12 countries, it has significant market presence in North America, continental Europe and the UK, and a rapidly growing footprint in Asia Pacific with offices in Australia and Singapore. It aims to protect organizations' brand value and reputation from a threat landscape that's always growing in sophistication and scope. The NCC Group Research Team regularly presents at major security conferences worldwide.
News summary:
Next month in Las Vegas, NCC Group researchers will deliver 14 technical presentations throughout Black Hat USA 2019, BSidesLV, and DEF CON 27. The latest findings include:
- The release of a tool that enables up to a 10x speedup in DNS rebinding exploitation, includes RCE and exfiltration payloads for common developer tools and software, and can bypass a number of services designed to protect against DNS rebinding
- An exploit development-oriented talk on all evils enabled by eBPF in the Linux kernel, from various forms of hidden IPC channels to fully fledged rootkits
- Understanding what security flaws inside macOS installer packages are actually doing, and learning how to audit them for security issues that can be exploited to elevate privileges and gain code/command execution; additionally, a primer on finding and exploiting bugs in real installer packages
- Discovery of privacy-violating data collection and security practices in privacy-oriented iOS robocall-blocking apps
- Using open source tools to better understand your organization's cloud security posture
- Studies on mouse and keyboard tracking to analyze user behavior during phishing attacks
- New ways to compromise Azure: From admin account takeover and backdooring Azure AD with a service account to complete remote bypass of multi-factor authentication and the cloud instance
NCC Group researchers will also present remote vulnerabilities found in printers from six major enterprise vendors, including a large number (over 35) of responsibly-disclosed 0-day vulnerabilities that were discovered through three months of dedicated research. Proof-of-concept exploits showing how it's possible to gain full control of printers—and all the data they manage—will be presented. The clear takeaway: Most enterprise printers offer an attack vector for exploitation and compromise by threat actors seeking to support C2 persistence, or to exfiltrate sensitive data from otherwise-secure corporate networks.
NCC Group's Director of Bug Bounty Services will also speak at Black Hat USA on how to architect and operationalize a successful vulnerability disclosure or bug bounty program.
NCC Group also has a rich history of developing innovative technologies. The company will present and/or release several new tools, including:
- Phantap: An "invisible" network tap aimed at red teams
- Azucar: A plugin-based tool to assess an Azure environment's security risks
- chocoProxy: A tool to aid in reverse engineering Windows applications' network traffic to expedite development of memory corruption exploits
- Singularity: An open source DNS rebinding attack framework
- Scout Suite: A multi-cloud security auditing tool for AWS, GCP, and Azure
DETAILS, ALL SESSIONS, TRAININGS, INNOVATIONS, TOOLS, AND ADDITIONAL RESOURCES ARE HERE
Additional Resources: