Exploits

Hacking casinos with zeroday exploits

By |2020-04-07T12:22:22-04:00November 29th, 2016|

Most popular email programs like Microsoft Outlook, Apple Mail, Thunderbird, etc. have a convenient feature that enables them to remember the email addresses of people that have been emailed.  Without this feature people would need to recall email addresses from memory or copy and paste from [...]

Exploit Acquisition Program Shut Down

By |2020-03-31T10:25:36-04:00July 17th, 2015|

We've decided to terminate our Exploit Acquisition Program (again).   Our motivation for termination revolves around ethics, politics, and our primary business focus.  The HackingTeam breach proved that we could not sufficiently vet the ethics and intentions of new buyers. HackingTeam unbeknownst to us until after their [...]

The Truth About Breaching Retail Networks

By |2020-03-31T10:26:03-04:00September 11th, 2014|

How we breached a retail network using our manual penetration testing methodology We recently delivered an Advanced Persistent Threat  (APT) Penetration Test to one of our customers. People who know us know that when we say APT we’re not just using buzz words.  Our APT services [...]

Whistleblower Series – The real problem with China isn’t China, its you.

By |2020-03-31T10:27:14-04:00June 10th, 2013|

Terms like China, APT and Zero-Day are synonymous with Fear, Uncertainty and Doubt (FUD).  The trouble is that, in our opinion anyway, these terms and respective news articles detract from the actual problem.  For example, in 2011 only 0.12% of compromises were attributed to zero-day exploitation [...]

Comments Off on Whistleblower Series – The real problem with China isn’t China, its you.

Selling zero-day’s doesn’t increase your risk, here’s why.

By |2020-03-31T10:28:00-04:00August 13th, 2012|

The zero-day exploit market is secretive. People as a whole tend to fear what they don’t understand and substitute fact with speculation.  While very few facts about the zero-day exploit market are publicly available, there are many facts about zero-days that are available.  When those facts [...]

Comments Off on Selling zero-day’s doesn’t increase your risk, here’s why.

Thank You Anonymous

By |2012-04-23T08:00:46-04:00April 23rd, 2012|

We (Netragard) have been meaning to say Thank You to Anonymous for a long time now. With that said, Netragard does not condone the actions of Anonymous, nor the damage they have caused.   What Anonymous has demonstrated, and continues to demonstrate, is just how poorly [...]

Comments Off on Thank You Anonymous

Netragard on Exploit Brokering

By |2020-03-31T10:28:08-04:00April 12th, 2012|

Historically ethical researchers would provide their findings free of charge to software vendors for little more than a mention.  In some cases vendors would react and threaten legal action citing violations of poorly written copyright laws that include but are not limited to the DMCA.  To [...]

Comments Off on Netragard on Exploit Brokering