Call Us for more information 443-345-0503|info[at]compsecdirect.com
TwitterLinkedInGitHubGitHubFacebook

CompSec Direct solicited for subject matter expertise on Incident Response for Hacienda of Puerto Rico

By |2022-06-15T00:47:26-04:00March 10th, 2017|Categories: Attribution, Contracts, Defensive Methodology, Hunting, Incident Response, Reports|Tags: , , , |

CompSec Direct was asked to provide incident response services to the department of Hacienda, the Treasury department of Puerto Rico, on March 7,2017. The department of Hacienda was experiencing daily losses of approximately $20 million dollars a day due to the severity and impact of ransomware on the government network. CompSec Direct’s president, Jose Fernandez, led [...]

Read More
Comments Off on CompSec Direct solicited for subject matter expertise on Incident Response for Hacienda of Puerto Rico

NTT Group Global Threat Intelligence Report 2016

By |2022-06-15T00:50:38-04:00October 19th, 2016|Categories: Cyber, Defensive Methodology, Forensic, Reports|Tags: , , , , , , |

GTIR 2016 NTT Group published a great threat report for 2016. Quality publication and definitely worth while. Good for CISO’s and Info Sec pros alike. Although some of the areas in the Key Findings are questionable given that we recently saw DDoS attacks above 1Tbs , other areas highlight recent trends that ultimately affect all of [...]

Read More
Comments Off on NTT Group Global Threat Intelligence Report 2016

CompSec Direct hosts remote incident response training for local Puerto Rico students and experts

By |2022-06-13T18:23:30-04:00October 7th, 2016|Categories: Cyber, Defensive Methodology, Demo, Forensic, Hunting, Training|

We hosted a training session on remote incident response operation on Oct 7, 2016. The course was provided “pro-bono” through @Obsidis_NGO‏, participants paid a small registration fee that covered lunch. Students were able to analyze malware on remote systems in a safe and controlled environment using our RIL platform. We want to thank everyone who attended the session and [...]

Read More
Comments Off on CompSec Direct hosts remote incident response training for local Puerto Rico students and experts

Forcepoint 2015 Threat Report

By |2022-06-15T00:55:26-04:00February 15th, 2016|Categories: Attribution, Cyber, Defensive Methodology, Forensic, Hacking, Hunting, Pen-testing, Reports, Tor|

An excellent publication from Forcepoint that covers CnC malware, malicious insiders and attribution. Unlike other threat reports, this report covers multiple human factors that are often neglected in technical reports. In some cases, human error and predisposition to reuse malware has lead thee researchers to determine a high probability of configuration reuse which leads to easier detection of [...]

Read More
Comments Off on Forcepoint 2015 Threat Report

Why going after wp-config is a quick way to get banned

By |2022-06-15T00:59:14-04:00January 15th, 2016|Categories: Attribution, Defensive Methodology, Hacking, Reports, Wordpress|

The first is actually more common place. The second assumes the admin that maintains WordPress leaves a backup or older version of the file readable by any visitor that happens to “guess” a filename. In the past, CompSec Direct has been successful employing both techniques for customers during security audits, however the second leaves a 404 [...]

Read More
Comments Off on Why going after wp-config is a quick way to get banned

Bsides PR 2015 – Fun with Tor : How anonymity services complicate actor attribution CompSec Direct

By |2022-06-13T18:35:49-04:00May 29th, 2015|Categories: Attribution, Defensive Methodology, Demo, Hacking, Tor|Tags: , , , , , , , |

Hello from Puerto Rico. Here are our slides from Jose Fernandez’s talk on Tor and attribution. We are very exited to have participated in BSides PR 2015, and look forward to speaking again in the future. By the time we got to the beach, the Internet is hopefully in a slightly better state than we left [...]

Read More
Comments Off on Bsides PR 2015 – Fun with Tor : How anonymity services complicate actor attribution CompSec Direct

BSides Charm 2015 – Mass Hunting and Exploitation with PowerShell Slides CompSec Direct

By |2022-06-13T18:36:39-04:00April 12th, 2015|Categories: Cyber, Defensive Methodology, Demo, Hunting, Powershell|Tags: , , , , , |

Hello Everyone, Here are the slides from our presentation at Bsides Charm 2015. We look forward to coming back next year for another excellent community driven event.Mass Hunting with Powershell

Read More
Comments Off on BSides Charm 2015 – Mass Hunting and Exploitation with PowerShell Slides CompSec Direct
Go to Top