blog

Hacking casinos with zeroday exploits

By |2020-04-07T12:22:22-04:00November 29th, 2016|

Most popular email programs like Microsoft Outlook, Apple Mail, Thunderbird, etc. have a convenient feature that enables them to remember the email addresses of people that have been emailed.  Without this feature people would need to recall email addresses from memory or copy and paste from [...]

Enemy of the state

By |2020-03-31T10:24:19-04:00January 25th, 2016|

A case study in Penetration Testing We haven’t been blogging as much as usual largely because we’ve been busy hacking things.   So, we figured that we’d make it up to our readers by posting an article about one of our recent engagements. This is a story [...]

Exploit Acquisition Program Shut Down

By |2020-03-31T10:25:36-04:00July 17th, 2015|

We've decided to terminate our Exploit Acquisition Program (again).   Our motivation for termination revolves around ethics, politics, and our primary business focus.  The HackingTeam breach proved that we could not sufficiently vet the ethics and intentions of new buyers. HackingTeam unbeknownst to us until after their [...]

What real hackers know about the penetration testing industry that you don’t.

By |2020-03-31T10:25:45-04:00March 10th, 2015|

The information security industry has become politicized and almost entirely ineffective as is evidenced by the continually increasing number of compromises. The vast majority of security vendors don’t sell security; they sell political solutions designed to satisfy the political security needs of third parties. Those third [...]

Penetration Testing Vendor Comparison. How To Select The Right Vendor.

By |2020-03-31T10:25:54-04:00November 11th, 2014|

Video Overview: Not all penetration testing services are equal. This video discusses what to watch out for when selecting a penetration testing vendor. Penetration Testing Vendor Comparison Video Below. https://www.youtube.com/watch?v=dRrxNWVYL7E Not all Penetration Testing companies are created equal. In this video we walk through the right way to [...]

The Truth About Breaching Retail Networks

By |2020-03-31T10:26:03-04:00September 11th, 2014|

How we breached a retail network using our manual penetration testing methodology We recently delivered an Advanced Persistent Threat  (APT) Penetration Test to one of our customers. People who know us know that when we say APT we’re not just using buzz words.  Our APT services [...]

What you don’t know about compliance…

By |2020-03-31T10:26:14-04:00August 1st, 2014|

People are always mystified by how hackers break into major networks like Target, Hannaford, Sony, (government networks included), etc.  They always seem to be under the impression that hackers have some elite level of skill.  The truth is that it doesn’t take any skill to break [...]