In The News
Praetorian Reports Congressional Websites Defacements
Researchers at Praetorian Security Group reported that 49 websites of Congressional members were hacked and defaced by a group known as The RedEyeCrew. The story and Praetorian's reporting was then covered by Politico, SC Magazine, PC World, Network World, and Softpedia
Praetorian Demonstrates Exploit used in Google Hack
Researchers at Praetorian Security Group demonstrated the effects of the Aurora exploit and the release of the exploit in Metasploit, the open source penetration testing framework. The story was additionally covered by Dark Reading, and Beta News, referring to Praetorian's video of the exploit in action.
Praetorian Details Baidu.com Hack
Researchers at Praetorian Security Group were able to research and provide details of the Baidu.com defacement by the Iranian Cyber Army while the Baidu.com site was still being redirected to ICA servers. The story of Juniper's JunOS router and switch software. The Wall Street Journal spoke to Jeremy Rossi about the details and published this story. Network World, and eWeek covered Praetorian's research as well. Following the events of the hack, BetaNews spoke to Daniel Kennedy about how Google would come to the conclusion that China or Chinese interests were to blame.
Praetorian Confirms a Critical Bug in Juniper Routers
Researchers at Praetorian Security Group confirmed a critical vulnerability in certain versions of Juniper's JunOS router and switch software. The details were then covered by various news outlets, including The Register, PC World, Dark Reading, and SoftPedia.
Praetorian Researches an Attack which hits Adobe Reader Vulnerabilities
Praetorian Security Group investigated a malicious PDF file which infected users of the popular "Ain't It Cool" website. The PDF can exploit three specific dated vulnerabilities in Acrobat Reader, once executed, downloads malware code onto the victim's computer. The research was noted by Computer World in the following article and by The Register in this article.
Praetorian Analyzes SQL Injection on Intel Channel Partners Website
Praetorian Security Group analyzed a SQL injection demonstrated by a gray-hat hacker performed on an Intel sponsored website. The results showed that critical personal identifyable information (PII) was exposed and the site had been prior victim to defacement. This DarkReading.com article references Praetorian's analysis.
Praetorian shares take on Cybersecurity Coordinator Appointment
Daniel Kennedy, Partner at Praetorian Security Group, shared his comments on the appointment of Howard Schmidt as the new cybersecurity coordinator with TechTarget.com's IT Knowledge Exchange.
Praetorian Primer on Incident Response Tools
Praetorian Security Group's forensic analysis and incident response practice published a primer on various tools used for Windows incident response. The article provided the digitial forensics community with a reference for investigators to use, both experienced and those that are learning, when testing various tools of the trade. The guide was referenced by The Digital Forensics Group online.
In-depth Look at COFEE and DECAF tools
Praetorian Security Group's forensic analysis and incident response practice took a detailed look at a forensics toolkit by Microsoft called COFEE and a subsequent anti-forensics tool to combat it called DECAF. Both the COFEE article and DECAF article provide technical details of the tools providing readers with the information needed to analyze how both issues, the leak of COFEE and the release of DECAF, impact the areas of incident response and forensic investigations. Finally, to combat misinformation circulating the internet, we released the following article providing details to the theories of Decaf being a hoax. This Cyberspeak Podcast credits Praetorian for publishing evidence rather than theory and heresay.
Praetorian Discusses Pentagon Website XSS Vulnerability
Daniel Kennedy, Partner at Praetorian Security Group, discussed a Cross Site Scripting vulnerability on certain tour pages of the Pentagon website with several major news outlets, including SC Magazine and Dark Reading (an InformationWeek Security journal). Mr. Kennedy's analysis displayed how the vulnerability can be used for malicious purposes and that it has been a known issue for quite some time.
Prefect Article Referenced by CVE and NIST
An article on Praetorian Prefect discussing test results of a critical bug in Windows 7 and Windows 2008 R2 was used as a reference in the National Vulnerability Database and in the official CVE. The post was also quoted by various major news outlets including Information Week and The Tech Herald.
New York City office location:
