NCC Group

On Thursday 8th of August 2024, Robert Herrera and Alex P. presented their talk 'Listen-Up: Sonos Over-The-Air Remote Kernel Exploitation and Covert Wiretap' at BlackHat USA in Las Vegas. The pair also released a whitepaper detailing the findings to coincide with their Black Hat presentation where they describe the reverse engineering process and exploitation techniques that were used to achieve arbitrary code execution on both the Sonos Era-100 and the Sonos One devices. Download now👉 https://lnkd.in/eiYN5sRA

This week at the Black Hat USA security conference, we’ve revealed our latest research into the safety and security of consumer connectable products, sharing details of vulnerabilities our researchers found in a range of Sonos smart speakers. The vulnerabilities, which have been patched by Sonos, exposed weaknesses in vital components of the devices that could enable attackers to circumvent security controls and covertly record all audio present. Click here to find out more 👉 https://lnkd.in/ei32cv32 #BlackHat #BlackHatUSA #Security #Research Alex P. Robert Herrera

Canary Tokens, also known as Honey Tokens, Honeypots or Deception Technology, are digital tripwires that act as early warning systems, alerting security teams to potential breaches and unauthorized access. Designed to mimic real data, such as files, usernames, or passwords, these tokens serve as bait for attackers. When accessed, they trigger alerts, allowing security teams to respond swiftly. By deploying Managed Canary as part of your NCC Group Managed XDR strategy, you can benefit from: ✅Early detection ✅24/7 monitoring ✅Correlation with other platforms such as SIEM, EDR, NDR ✅Insight into attacker behavior Read our latest blog to see how you can create defense in depth with Managed Canary: https://bit.ly/3LWYJXT #ManagedServices #CanaryTokens #HoneyTokens #CyberSecurity

Do you know your security gaps and how to successfully mitigate against them? Without a clear view of your organisation’s attack surface, it’s difficult to truly understand security gaps, potential vulnerabilities and defence capabilities across your environments. NCC Group’s External Attack Surface Management (EASM) provides clients with visibility of their exposed assets, and the ability to prioritise and remediate vulnerabilities to strengthen defences. Find out more: https://bit.ly/3WExeqS #ManagedServices #AttackSurface

Yesterday, our 12-month unaudited results to 31 May 2024 presentation showed our transformation journey is beginning to show solid progress, but we are not stopping here. We have made good progress on our transformation journey, with strong foundations for our Cyber capabilities and diversified routes to market, as well as continued quarter-on-quarter growth in Escode. Over the past year, we have achieved: - Created two distinct businesses – Escode and Cyber Security - Created a global operating model and in-year efficiency - Improvement in profitability and gross margins - Non-core asset disposals to create a more focused Cyber Security business You can see our highlights video below and watch our full webcast here https://lnkd.in/eyvFmgTv #NCCGroup #PeoplePowered #TechEnabled #CyberSecurity #Escode #FinancialResults #Webcast

We have announced the sale of our Fox Crypto business, a specialised business that develops and maintains high assurance cryptographic products to secure and contain sensitive information, to CR Group Nordic AB.    Our Fox IT leading cyber security services business is unaffected by the sale.   Behind the decision is our strategy to simplify our business to focus resources and future investment into growing our Cyber Security services business, with Fox IT at the heart of our efforts to grow and deliver on our purpose to even more of our clients in Benelux and across Europe.   Thanks to all of our Fox Crypto team for all their hard work and dedication. https://lnkd.in/etjUVfJD

In the increasingly connected world we live in, the products we trust with our security are more and more reliant on ever-present connectivity to fulfil their core functions.    Whilst increased connectivity offers many benefits, it also opens organisations up to potential risks.   Whether you're responsible for purchasing, installing, securing or managing your organisation's security technology and data, you’ll find expert guidance from the National Protective Security Authority (NPSA), to help you better understand and manage the risks and make decisions around its suitability. https://lnkd.in/eQ_Pcn6j #NPSA #NCSC #technology #networksecurity #networkconnected

Master AI Integration AI is revolutionising industries. Security is more vital than ever. As AI evolves, so do threats. Keeping systems safe and reliable requires constant vigilance. Overcome integration hurdles with proven methods for seamless AI deployment. NCC Group can guide your organisation through AI security challenges. Protect your AI systems and ensure their reliability. Explore our expert testing services today. https://bit.ly/4bWbpd7 #AI #CyberSecurity #AITesting #AIDeployment

Our Threat Pulse - Review of June 2024 saw a steep decline in LockBit 3.0 attacks and reduced ransomware levels across June: ➡ Total ransomware cases in June were lower than the average for the year, at 331 attacks. ➡LockBit 3.0 showed a significant decrease in activity, with only 11 attacks. ➡Industrials remains the most targeted sector, accounting for 31% of attacks in June. ➡North America and Europe accounted for 79% of all cases. Global Head of Threat Intelligence, 👤 Matt Hull comments “Overall, June's ransomware landscape was characterised by ongoing shifts, with LockBit 3.0's steep decline, and Play remaining a formidable force in the threat landscape. “The cyber threat landscape in the first half of 2024 has been marked by a series of significant events that have had a profound impact on global cybersecurity. We have seen major cyber incidents that have disrupted businesses, healthcare systems, and critical infrastructure across North America, Europe, and Asia Pacific region. “These incidents have ranged from data breaches to aggressive ransomware attacks, highlighting the evolving nature of cyber threats and the increasing capabilities of cyber adversaries. Equally, we’ve seen how external pressures on ransomware operations can significantly disrupt even the most prolific threat actors. These changes underscore how cyber security resilience must persist as a key priority for organisations across all industries.” Click here to find out more 👉 https://lnkd.in/gUYN6MP4

Last week showed that things can go wrong in our digital world and disruption will happen - whether intentionally or due to error. Whatever the reason, disruption at one stage of a supply chain can have a ripple effect all the way through it. Here, CEO 📡 Michael Maddison we reflect on the global IT outage and the lessons to learn 👉 https://lnkd.in/gMus-RnX