Without taking proper precautions, your computer is a veritable smörgåsbord for hackers. Hackers have developed an array of techniques to infiltrate your system, extract your data, install self-serving software, and otherwise wreak havoc on your system. Every network in the world is vulnerable to hacking attempts; [...]
Most popular email programs like Microsoft Outlook, Apple Mail, Thunderbird, etc. have a convenient feature that enables them to remember the email addresses of people that have been emailed. Without this feature people would need to recall email addresses from memory or copy and paste from [...]
We recently completed the delivery of a Realistic Threat PCI focused Penetration Test for a large retail company. As is always the case, we don’t share customer identifiable information, so specific details about this engagement have been altered to protect the innocent. For the sake of [...]
The sensationalized stories about the hacking of PR Newswire Association, LLC., Business Wire, and Marketwired, L.P. (the Newswires) are interesting but not entirely complete. The articles that we've read so far paint the Newswires as victims of some high-talent criminal hacking group. This might be true [...]
A case study in Penetration Testing We haven’t been blogging as much as usual largely because we’ve been busy hacking things. So, we figured that we’d make it up to our readers by posting an article about one of our recent engagements. This is a story [...]
How we breached a retail network using our manual penetration testing methodology We recently delivered an Advanced Persistent Threat (APT) Penetration Test to one of our customers. People who know us know that when we say APT we’re not just using buzz words. Our APT services [...]
People are always mystified by how hackers break into major networks like Target, Hannaford, Sony, (government networks included), etc. They always seem to be under the impression that hackers have some elite level of skill. The truth is that it doesn’t take any skill to break [...]
This video provides and overview of the two most common methodologies for pricing a penetration test. How Much Should You Spend On Penetration Testing Services The most common question asked is "how much will it cost for you to deliver a penetration test to us?". [...]
Terms like China, APT and Zero-Day are synonymous with Fear, Uncertainty and Doubt (FUD). The trouble is that, in our opinion anyway, these terms and respective news articles detract from the actual problem. For example, in 2011 only 0.12% of compromises were attributed to zero-day exploitation [...]
In our last whistleblower article, we showed that the vast majority of Penetration Testing vendors don't actually sell Penetration Tests. We did this by deconstructing pricing methodologies and combining the results with common sense. We're about to do the same thing to the industry average Penetration [...]