Netragard Blog

Netragard Blog2020-04-24T15:31:19-04:00

Netragard Challenges your PCI Compliance

The purpose of legitimate Network Penetration Testing is to positively identify risks in a targeted IT Infrastructure before those risks are identified and exploited by malicious hackers. This enables the IT managers to remediate against those risks before they become an issue. To accomplish this the Penetration Test must be driven by people with at least the same degree of skill and persistence as the threat (defined by the malicious [...]

Netragard: Connect to chaos

The Chevy Volt will be the first car of its type: not because it is a hybrid electric/petrol vehicle, but because GM plans to give each one the company sells its own IP address. The Volt will have no less than 100 microcontrollers running its systems from some 10 million lines of code. This makes some hackers very excited and Adriel Desautels, president of security analysis firm Netragard, very worried.  Before [...]

Netragard’s thoughts on Pentesting IPv6 vs IPv4

We’ve heard a bit of “noise” about how IPv6 may impact network penetration testing and how networks may or may not be more secure because of IPv6.  Lets be clear, anyone telling you that IPv6 makes penetration testing harder doesn’t understand the first thing about real penetration testing. Whats the point of IPv6? IPv6 was designed by the Internet Engineering Task Force (“IETF”) to address the issue of IPv4 address [...]

Hacking your car for fun and profit.

Our CEO (Adriel Desautels) recently spoke at the Green Hills Software Elite Users Technology Summit regarding automotive hacking. During his presentation there were a series of reporters taking photographs, recording audio, etc.   Of all of the articles that came out, one in particular caught our eye.  We made the front page of "Elektronik iNorden" which is a Swedish technology magazine that focuses on hardware and embedded systems. You can [...]

What If?

I recently participated in a panel at the BASC conference that was held at the Microsoft New England Research & Development (NERD) building at One Memorial Drive in Cambridge. One of the questions that surfaced inspired me to write this article. While there are more security solutions available today than ever before, are we actually becoming more secure or is the gap growing? The short answer is yes.  The security [...]

Penetration Testing – What’s that?

It amazes me that most of the "security companies" that offer penetration testing services don't know what penetration testing is. Specifically, they don't deliver penetration tests even though they call their services penetration testing services. In most cases their customers think that they're receiving penetration tests but instead they're receiving the lesser quality vulnerability assessment service. When customers are looking to purchase penetration testing services they should receive penetration testing [...]

Define Perimeter

Its surprising to us that people still define their network perimeter by their firewall, which is often the perceived demarcation point between the Internet and the Local Area Network (LAN).  The fact of the matter is that the real demarcation point has nothing to do with the firewall at all.   In fact these days the real demarcation point has more to do with the human element (you) than with [...]

Fox 25 News Interview

Our (Netragard's) founder and president (Adriel Desautels) was recently interviewed by the local news (Fox 25) about car hacking.  We thought that we'd write a quick entry and share this with you. Thank you to Fox 25 for doing such a good job with the interview.  Note for the AAA guy though, once cars have IP addresses (which is now) hackers won't need to "pull up next to you to [...]

The Human Vulnerability

It seems to us that one of the biggest threats that businesses face today is socially augmented malware attacks. These attacks have an extremely high degree of success because they target and exploit the human element. Specifically, it doesn't matter how many protective technology layers you have in place if the people that you've hired are putting you at risk, and they are. Case in point, the “here you have” [...]

That nice, new computerized car you just bought could be hackable

Link: http://news.cnet.com/8301-27080_3-20015184-245.html Of course, your car is probably not a high-priority target for most malicious hackers. But security experts tell CNET that car hacking is starting to move from the realm of the theoretical to reality, thanks to new wireless technologies and evermore dependence on computers to make cars safer, more energy efficient, and modern. "Now there are computerized systems and they have control over critical components of cars like [...]

Bypassing Antivirus to Hack You

Many people assume that running antivirus software will protect them from malware (viruses, worms, trojans, etc), but in reality the software is only partially effective. This is true because antivirus software can only detect malware that it knows to look for. Anything that doesn’t match a known malware pattern will pass as a clean and trusted file.Antivirus technologies use virus definition files to define known malware patterns. Those patterns are [...]

Security Vulnerability Penetration Assessment Test?

Our philosophy here at Netragard is that security-testing services must produce a threat that is at least equal to the threat that our customers are likely to face in the real world. If we test our customers at a lesser threat level and a higher-level threat attempts to align with their risks, then they will likely suffer a compromise. If they do suffer a compromise, then the money that they [...]

Load More Posts