My CPAP has a recall; let’s open it instead!

By |2023-08-13T12:50:04-04:00August 12th, 2023|Categories: Demo, firmware, Forensic, Hacking, Medical, Videos|Tags: , , , , , , |

"If you or a loved one has ever used a CPAP device..." Our President, Jose Fernandez, gave a medical device presentation at BioHacking Village during DefCon 31. This presentation focused on bringing awareness to privacy related issues related CPAP devices, how to passively identify some CPAP devices and follow on work for exploit related research for [...]

Comments Off on My CPAP has a recall; let’s open it instead!

CompSec Direct’s president presents ZigBee research at local security conference at Inner Harbor

By |2022-06-15T00:45:03-04:00April 30th, 2017|Categories: Cyber, Demo, Laws, Reports|Tags: , , , , , , |

Our President, Jose Fernandez, presented ZigBee research at Bsides Charm 2017 in Baltimore on April 29, 2017. The presentation, called Frony Fronius: Exploring ZigBee signals from SolarCity covered IoT (Internet of Threats) findings on commercial solar panel solutions. Part of the presentation asked participants how they felt about e-meters and how companies are beginning to deploy [...]

Comments Off on CompSec Direct’s president presents ZigBee research at local security conference at Inner Harbor

CompSec Direct’s president presents Shodan research at local security conference in Puerto Rico

By |2022-06-15T00:53:53-04:00October 7th, 2016|Categories: Cyber, Demo, Pen-testing, Training|Tags: , , , , |

CompSec Direct president, Jose Fernandez, presented an open-source intelligence gathering tool called Shodan-Runner at the Bsides PR security conference hosted on Oct 6,2016 in Puerto Rico. The tool allows users to use external CSV files in conjunction with the Shodan api in python to search for associations between different different fields. Using this tool reduces initial [...]

Comments Off on CompSec Direct’s president presents Shodan research at local security conference in Puerto Rico

CompSec Direct hosts remote incident response training for local Puerto Rico students and experts

By |2022-06-13T18:23:30-04:00October 7th, 2016|Categories: Cyber, Defensive Methodology, Demo, Forensic, Hunting, Training|

We hosted a training session on remote incident response operation on Oct 7, 2016. The course was provided “pro-bono” through @Obsidis_NGO‏, participants paid a small registration fee that covered lunch. Students were able to analyze malware on remote systems in a safe and controlled environment using our RIL platform. We want to thank everyone who attended the session and [...]

Comments Off on CompSec Direct hosts remote incident response training for local Puerto Rico students and experts

Bsides PR 2015 – Fun with Tor : How anonymity services complicate actor attribution CompSec Direct

By |2022-06-13T18:35:49-04:00May 29th, 2015|Categories: Attribution, Defensive Methodology, Demo, Hacking, Tor|Tags: , , , , , , , |

Hello from Puerto Rico. Here are our slides from Jose Fernandez’s talk on Tor and attribution. We are very exited to have participated in BSides PR 2015, and look forward to speaking again in the future. By the time we got to the beach, the Internet is hopefully in a slightly better state than we left [...]

Comments Off on Bsides PR 2015 – Fun with Tor : How anonymity services complicate actor attribution CompSec Direct

BSides Charm 2015 – Mass Hunting and Exploitation with PowerShell Slides CompSec Direct

By |2022-06-13T18:36:39-04:00April 12th, 2015|Categories: Cyber, Defensive Methodology, Demo, Hunting, Powershell|Tags: , , , , , |

Hello Everyone, Here are the slides from our presentation at Bsides Charm 2015. We look forward to coming back next year for another excellent community driven event.Mass Hunting with Powershell

Comments Off on BSides Charm 2015 – Mass Hunting and Exploitation with PowerShell Slides CompSec Direct

How to exploit Domain Controllers with MS14-068 / From Zero 2 Hero

By |2022-06-13T18:39:44-04:00December 7th, 2014|Categories: Demo, Hacking|Tags: , , |

Hello! This is jfer from compsec direct. I would like to show you how to leverage the new Kerberos exploit against Windows domain controllers called ms14-068. This vulnerability allows a user with domain credentials to forge a Kerberos ticket and receive domain admin privileges via the forged ticket. I want to thank Sylvain Monné aka Bidord [...]

Comments Off on How to exploit Domain Controllers with MS14-068 / From Zero 2 Hero
Go to Top