NTA Monitor

Latest News

Will IE6 be the next NT4?

1st October 2009 All penetration testers will remember the long tail of Windows NT 4.0, and how this operating system continued to be used long past the point when security updates stopped at the end of 2004. For many years the presence of an unpatchable NT4 server was a common issue in a penetration test report, and it is only now, almost five years after security support ended, that finding an NT4 system on a network is becoming a rare event. Read More

One in four web applications susceptible to high risk security flaws

7th September 2009 NTA Monitor has reported a 10% increase in the total number of web applications found to have at least one high-risk security issue... Read More

Organisations facing a changing threat landscape

20th July 2009 According to NTA Monitor's 2009 Annual Security Report, the average number of Internet security vulnerabilities is on the rise... Read More

The Return of the Insider Threat

1st July 2009 When NTA started security testing twelve years ago, the main focus was on the insider threat. There were many reports with statistics showing that most security breaches were due to insiders. By contrast there was very little focus on the external threat via Internet and third-party network links. Back then many companies did not even have a firewall. Read More

No smoke without fire

A total ban on smoking is fast approaching in all workplaces and NTA Monitor, a leading provider of IT security consultancy services, believes that this may leave companies vulnerable to a growing security threat - gaining corporate information via social techniques.

In a recent social engineering test undertaken by NTA, a tester was able to easily gain access to a corporate building through a back door that was left open for smokers. Once inside, the tester requested to be taken to a meeting room, claiming that the IT department had sent him. Even without a pass, he gained access unchallenged and was then able to connect his laptop to the VoIP network via a telephone point.

Roy Hills, Technical Director at NTA Monitor, comments: "It used to be that companies 'left the back door open' in terms of Internet security. Now they are literally leaving their buildings open to accommodate smokers. We are experiencing a surge in demand for social engineering tests as hackers are turning to social techniques to infiltrate corporate networks.'

'This latest social engineering test has proved that once inside a corporate building, an attacker can use social methods on employees to gain access to restricted areas and information if a rigid staff pass system is not in place."

This article was first released on: 12th February 2007