This article was literally our idea. We contacted Andrew Greenberg at Forbes Magazine and discussed the possibility of China’s Operation Golden Shield being used as an offensive weapon during a Cyber war. Jayson Street, a long time SNOsoft team member is quoted in this article.
Netragard’s CTO (our founder) was interviewed by eWeek for this article. Again, focused on the e-bay like exploit auction site that we feel is doomed to fail.
Our founder, Adriel Desautels, comments about purchasing exploits in this Forbes article. The article also outlines a new business called WabiSabiLabi that is attempting to gain traction in the exploit market by using an e-bay like bidding structure. While this seems like a good idea at first glance the idea will face significant trust problems…Details
SNOsoft has discovered a high risk vulnerability in Maia Mailguard version 1.0.2 that makes it possible for an attacker to execute arbitrary commands on the affected system. The advisory will be published on Netragard’s website shortly. Until then users of the Maia Mailguard web application should suspend use or add .htaccess capabilities to the web…Details
For those of you that are participating in our Exploit Acquisition Program please contact email@example.com for information on how to access our new Secure Internet Live Conferencing (SILC) server for discussing your research in a secure way. Don’t try scanning for the server yourself because you won’t find it and your IP address will be…Details
We’ve started focusing on the security of appliances that are installed in corporate and government networks. To our amazement most of these appliances are more insecure than the operating systems and software that we’ve (being the security industry) been picking on so aggressively. In fact, we are looking at one appliance right now that is…Details
Netragard has released another vulnerability. This time it is a local root compromise using McAfee VirusScan for Mac. Granted this isn’t all that exciting but if you’re at all interested it can be found here.
Kevin Finisterre found a FrontBase Database <= 4.2.7. buffer overflow vulnerabilitiy that was recently released by SNOsoft on Netragard's website. This particular vulnerability enables an attacker to gain remote access to a system. The official advisory (that contains working Proof of Concept) can be found here.
The SNOsoft Research Team recently performed a light weight security assessment of the @Mail Webmail product. @Mail is very much like OWA with respect to look, feel and functionality. The result of this research project was the discovery of two bugs in the product. These bugs were released as formal advisories by Netragard and can…Details