CompSec Direct president, Jose Fernandez, presented an open-source intelligence gathering tool called Shodan-Runner at the Bsides PR security conference hosted on Oct 6,2016 in Puerto Rico. The tool allows users to use external CSV files in conjunction with the Shodan api in python to search for associations between different different fields. Using this tool reduces initial [...]
We hosted a training session on remote incident response operation on Oct 7, 2016. The course was provided “pro-bono” through @Obsidis_NGO, participants paid a small registration fee that covered lunch. Students were able to analyze malware on remote systems in a safe and controlled environment using our RIL platform. We want to thank everyone who attended the session and [...]
An excellent publication from Forcepoint that covers CnC malware, malicious insiders and attribution. Unlike other threat reports, this report covers multiple human factors that are often neglected in technical reports. In some cases, human error and predisposition to reuse malware has lead thee researchers to determine a high probability of configuration reuse which leads to easier detection of [...]
The first is actually more common place. The second assumes the admin that maintains WordPress leaves a backup or older version of the file readable by any visitor that happens to “guess” a filename. In the past, CompSec Direct has been successful employing both techniques for customers during security audits, however the second leaves a 404 [...]
Arstechnica's Dan Goodin has reported that Trustwave is being sued by Affinity Gaming for not eliminating malware presence after a forensic investigation had been done. Mandiant uncovered the malware during a follow up PCI forensic investigation. See full-article below. Security firm sued for filing “woefully inadequate” forensics report
CompSec Direct and other individuals and companies spoke out against the 2013 Wassenaar Arrangement. We hope our petitions for further revisions are heard. We have included a copy of the document submitted to http://www.regulations.gov/#!docketDetail;D=BIS-2015-0011 Wassenaar Agreement CompSecDirect We want to thank everyone that submitted and stood up for freedom of speech against the Wassenaar Arrangement 2013.
Excellent report by Kaspersky that unmasks a breach inside their corporate infrastructure. Stepson of Stuxnet stalked Kaspersky for months, tapped Iran nuke talks
Hello from Puerto Rico. Here are our slides from Jose Fernandez’s talk on Tor and attribution. We are very exited to have participated in BSides PR 2015, and look forward to speaking again in the future. By the time we got to the beach, the Internet is hopefully in a slightly better state than we left [...]
Hello Everyone, Here are the slides from our presentation at Bsides Charm 2015. We look forward to coming back next year for another excellent community driven event.Mass Hunting with Powershell
PCI-DSS recently released a revised document that covers pen-testing requirements for merchants and security providers. The document does a good job of comparing pen-testing with vulnerability assessments. If your company recently had a pen-test or vulnerability assessment done that did not cover all of these area and more, then call us and compare. Here is a [...]
