Netragard’s SNOsoft Research Team discovered two critical vulnerabilities in the OpenBase SQL Relational Database that can lead to full system compromise. The first vulnerability discovered is a command injection vulnerability that affects several of the default Stored Procedures. Specifically, it is possible to execute system commands as the root user by inserting a series of…Details
When legitimate security researchers notify technology vendors about security flaws in their technology, the best thing that the vendor can do is to welcome the information with open arms. When a vendor reacts with hostility it appears as if the vendor is attempting quash the security research instead of resolving the vulnerabilities identified by the…Details
As the list of nations claiming they were targeted by Internet attacks emanating from China continues to grow, the world’s most populous country has turned the mirror back on other governments. In statements made in the Chinese Cadres Tribune, Vice Minister of Information Industry Lou Qinjian claimed that the United States and other “hostile” governments…Details
For all of you who wanted “proof” about the cyberwar between China and the US, here’s an article for you. Unfortunately I think that China is in a better technological position with their “Golden Shield” firewall than we are with our ad-hoc Internet infrastructure. Specifically if you consider that “Golden Shield” is rumored to be…Details
This article was literally our idea. We contacted Andrew Greenberg at Forbes Magazine and discussed the possibility of China’s Operation Golden Shield being used as an offensive weapon during a Cyber war. Jayson Street, a long time SNOsoft team member is quoted in this article.
Netragard’s CTO (our founder) was interviewed by eWeek for this article. Again, focused on the e-bay like exploit auction site that we feel is doomed to fail.
Our founder, Adriel Desautels, comments about purchasing exploits in this Forbes article. The article also outlines a new business called WabiSabiLabi that is attempting to gain traction in the exploit market by using an e-bay like bidding structure. While this seems like a good idea at first glance the idea will face significant trust problems…Details
SNOsoft has discovered a high risk vulnerability in Maia Mailguard version 1.0.2 that makes it possible for an attacker to execute arbitrary commands on the affected system. The advisory will be published on Netragard’s website shortly. Until then users of the Maia Mailguard web application should suspend use or add .htaccess capabilities to the web…Details