Open letter to the research community

Dear all, In light of recent events, we have received many words of encouragement in comments on social media, through direct messages, and over the phone. We truly appreciate your support. It means a lot to us. Over the years, we have detected and helped fix a huge number of vulnerabilities in applications and hardware from almost all renowned vendors, such as Cisco, Citrix, Intel, … Continue reading Open letter to the research community

Positive Technologies on GitHub

Currently, an increasing number of companies, such as Google, Microsoft, Facebook, and JetBrains, are placing in open access the code of both small and big projects. Positive Technologies is famous not only for its skilled professionals in IT security but also for a lot of professional developers. This enables us to make a contribution into further development of the Open Source project. PT has the … Continue reading Positive Technologies on GitHub

Practical ways to misuse a router

Wi-Fi and 3G routers are all around us. Yet in just one recent month, approximately 10 root shell and administrator account vulnerabilities in home internet devices came to light. And access to tens of millions of IoT devices—routers, webcams, and other gadgets—is available to anyone willing to pay $50 for a shodan.io paid account. At the same time, developers and vendors of these devices tend … Continue reading Practical ways to misuse a router

Our new R&D center in Brno

We are pleased to announce the opening of our brand new   R&D center Brno, Czech Republic, which will focus on developing products to secure mobile telecommunications systems. Why Brno? As part of our global growth strategy to be closer to customers all over the world, we are seeking to open  sales offices and development centers in a diverse range of countries. Brno is the … Continue reading Our new R&D center in Brno

The eagerly awaited Gartner Web Application Firewall Magic Quadrant is released

For the first time our application firewall product, PT AF™, has been named a ‘visionary’ in the Gartner \”Magic Quadrant for Web Application Firewalls\” report. We are ecstatic that Gartner recognized Positive Technologies for its ability to innovate and outperform in the WAF market particularly as we are a new entrant to this Magic Quadrant. It is very rewarding to be recognized for a compelling vision … Continue reading The eagerly awaited Gartner Web Application Firewall Magic Quadrant is released

Positive Technologies Became Cisco’s Official Technology Partner

Cisco Systems has awarded Positive Technologies the status of Cisco Registered Developer. It’s notable that our company has become the first Russian company to be granted the status of Cisco Registered Developer. Now Positive Technologies has its own profile on the official web site of Cisco Systems. This status evidences the new level of cooperation between the two companies. It gives researchers of Positive Technologies expanded access … Continue reading Positive Technologies Became Cisco’s Official Technology Partner

Gaining Control Over Cloud Infrastructure. Easy as One, Two, Three

Several months ago the Positive Research Center analyzed security of Citrix XenServer. Among other things, we studied the security of administration interfaces, and web interfaces of various system components in particular. As a result, we managed to find several critical vulnerabilities, which allow obtaining control not only over these components but over the master server as well, that is over the whole cloud infrastructure. The … Continue reading Gaining Control Over Cloud Infrastructure. Easy as One, Two, Three

eBay. What Did Your Neighbor Buy?

I was browsing eBay and came across quite a striking lapse on the part of the ideologists.  They offer you this feature – feedback – which influence the buyer and  seller ratings. Once you close your deal and get your buy, you are strongly asked to rate the seller (\”leave feedback\”). You enter the page, rate the seller according to a number of criteria… and … Continue reading eBay. What Did Your Neighbor Buy?

Trendy APT — Struggling with Carelessness

Companies can be divided into two categories: those that know they\’ve been compromised and those that still have no idea. The term APT (Advanced Persistent Threat) was introduced by the US air forces in 2006 to describe a new type of attacks. For the first time they attempted to analyze an attack that had been conducted, make conclusions, and resist the new threat. APT is … Continue reading Trendy APT — Struggling with Carelessness

How to Hack a Telecommunications Company and Stay Alive

Sergey Gordeychik, Technical Director of Positive Technologies, presented his research work on information security of telecommunications companies at theZeroNight conference.  How is penetration testing performed for telecom networks? What dangers to expect from subscribers? How to avoid financial losses under hacker attacks? See his 71-slide presentation How to Hack a Telecommunications Company and Stay Alive under the cut. How to hack a telecommunication company and … Continue reading How to Hack a Telecommunications Company and Stay Alive