E-commerce

The Human Vulnerability

By |2020-03-31T10:33:49-04:00September 13th, 2010|

It seems to us that one of the biggest threats that businesses face today is socially augmented malware attacks. These attacks have an extremely high degree of success because they target and exploit the human element. Specifically, it doesn't matter how many protective technology layers you [...]

Comments Off on The Human Vulnerability

Bypassing Antivirus to Hack You

By |2020-03-31T10:34:06-04:00August 6th, 2010|

Many people assume that running antivirus software will protect them from malware (viruses, worms, trojans, etc), but in reality the software is only partially effective. This is true because antivirus software can only detect malware that it knows to look for. Anything that doesn’t match a [...]

Comments Off on Bypassing Antivirus to Hack You

Security Vulnerability Penetration Assessment Test?

By |2020-03-31T10:34:14-04:00June 14th, 2010|

Our philosophy here at Netragard is that security-testing services must produce a threat that is at least equal to the threat that our customers are likely to face in the real world. If we test our customers at a lesser threat level and a higher-level threat [...]

Comments Off on Security Vulnerability Penetration Assessment Test?

REVERSE(noitcejnI LQS dnilB) Bank Hacking

By |2020-03-31T10:34:57-04:00May 16th, 2010|

Earlier this year we were hired to perform an Overt Web Application Penetration Test for one of our banking customers (did you click that?).This customer is a reoccurring customer and so we know that they have Web Application Firewalls and Network Intrusion Prevention Systems in play.We [...]

Comments Off on REVERSE(noitcejnI LQS dnilB) Bank Hacking

Inside The Brains Of A Professional Bank Hacking Team

By |2020-03-31T10:37:04-04:00April 26th, 2010|

Originally posted on Forbes.com - Read the original article here. We were recently hired to perform an interesting Advanced Stealth Penetration test for a mid-sized bank. The goal of the penetration test was to penetrate into the bank's IT Infrastructure and see how far we could [...]

Comments Off on Inside The Brains Of A Professional Bank Hacking Team

Outbound Traffic Risk and Controlls

By |2020-03-31T10:37:27-04:00April 6th, 2010|

Recently one of our customers asked me to provide them with information about the risks of unrestricted or lightly restricted outbound network traffic. As such, I decided to write this blog entry and share it with everyone. While some of the risks behind loose outbound network [...]

Comments Off on Outbound Traffic Risk and Controlls

Professional Script Kiddies vs Real Talent

By |2020-03-31T10:37:54-04:00March 4th, 2010|

The Good Guys in the security world are no different from the Bad Guys; most of them are nothing more than glorified Script Kidies. The fact of the matter is that if you took all of the self-proclaimed hackers in the world and you subjected them [...]

Comments Off on Professional Script Kiddies vs Real Talent

Hosted Solutions A Hackers Haven

By |2020-03-31T10:38:13-04:00October 12th, 2009|

Human beings are lazy by nature.If there is a choice to be made between a complicated technology solution and an easy technology solution, then nine times out of ten people will choose the easy solution.The problem is that the easy solutions are often riddled with hidden [...]

Comments Off on Hosted Solutions A Hackers Haven

Social Engineering — Its Nothing New

By |2020-03-31T10:38:20-04:00September 22nd, 2009|

With all the recent hype about Social Engineering we figured that we’d chime in and tell people what’s really going on. The fact is that Social Engineering is nothing more than a Confidence Trick being carried out by a Con Artist. The only difference between the [...]

Comments Off on Social Engineering — Its Nothing New

Verify Your Security Provider — The truth behind manual testing.

By |2020-03-31T10:38:39-04:00July 16th, 2009|

Something that I’ve been preaching for a while is that automated vulnerability scanners do not produce quality results and as such shouldn’t be relied on for penetration tests or vulnerability assessments. I’ve been telling people that they should look for a security company that offers manual [...]

Comments Off on Verify Your Security Provider — The truth behind manual testing.