penetration test

What If?

By |2020-03-31T10:32:47-04:00December 2nd, 2010|

I recently participated in a panel at the BASC conference that was held at the Microsoft New England Research & Development (NERD) building at One Memorial Drive in Cambridge. One of the questions that surfaced inspired me to write this article. While there are more security [...]

Comments Off on What If?

Define Perimeter

By |2020-03-31T10:33:20-04:00November 16th, 2010|

Its surprising to us that people still define their network perimeter by their firewall, which is often the perceived demarcation point between the Internet and the Local Area Network (LAN).  The fact of the matter is that the real demarcation point has nothing to do with [...]

Comments Off on Define Perimeter

The Human Vulnerability

By |2020-03-31T10:33:49-04:00September 13th, 2010|

It seems to us that one of the biggest threats that businesses face today is socially augmented malware attacks. These attacks have an extremely high degree of success because they target and exploit the human element. Specifically, it doesn't matter how many protective technology layers you [...]

Comments Off on The Human Vulnerability

Bypassing Antivirus to Hack You

By |2020-03-31T10:34:06-04:00August 6th, 2010|

Many people assume that running antivirus software will protect them from malware (viruses, worms, trojans, etc), but in reality the software is only partially effective. This is true because antivirus software can only detect malware that it knows to look for. Anything that doesn’t match a [...]

Comments Off on Bypassing Antivirus to Hack You

Security Vulnerability Penetration Assessment Test?

By |2020-03-31T10:34:14-04:00June 14th, 2010|

Our philosophy here at Netragard is that security-testing services must produce a threat that is at least equal to the threat that our customers are likely to face in the real world. If we test our customers at a lesser threat level and a higher-level threat [...]

Comments Off on Security Vulnerability Penetration Assessment Test?

We Are Politically Incorrect

By |2020-03-31T10:34:48-04:00June 11th, 2010|

Back in February of 2009 we released an article called FaceBook from the hackers perspective. As far as we know, we were the first to publish a detailed article about using Social Networking Websites to deliver surgical Social Engineering attacks. Since that time, we noticed a [...]

Comments Off on We Are Politically Incorrect

REVERSE(noitcejnI LQS dnilB) Bank Hacking

By |2020-03-31T10:34:57-04:00May 16th, 2010|

Earlier this year we were hired to perform an Overt Web Application Penetration Test for one of our banking customers (did you click that?).This customer is a reoccurring customer and so we know that they have Web Application Firewalls and Network Intrusion Prevention Systems in play.We [...]

Comments Off on REVERSE(noitcejnI LQS dnilB) Bank Hacking

Inside The Brains Of A Professional Bank Hacking Team

By |2020-03-31T10:37:04-04:00April 26th, 2010|

Originally posted on Forbes.com - Read the original article here. We were recently hired to perform an interesting Advanced Stealth Penetration test for a mid-sized bank. The goal of the penetration test was to penetrate into the bank's IT Infrastructure and see how far we could [...]

Comments Off on Inside The Brains Of A Professional Bank Hacking Team

Outbound Traffic Risk and Controlls

By |2020-03-31T10:37:27-04:00April 6th, 2010|

Recently one of our customers asked me to provide them with information about the risks of unrestricted or lightly restricted outbound network traffic. As such, I decided to write this blog entry and share it with everyone. While some of the risks behind loose outbound network [...]

Comments Off on Outbound Traffic Risk and Controlls

Professional Script Kiddies vs Real Talent

By |2020-03-31T10:37:54-04:00March 4th, 2010|

The Good Guys in the security world are no different from the Bad Guys; most of them are nothing more than glorified Script Kidies. The fact of the matter is that if you took all of the self-proclaimed hackers in the world and you subjected them [...]

Comments Off on Professional Script Kiddies vs Real Talent