CompSec Direct receives media mentions as the result from incident response services offered to Hacienda of Puerto Rico

By |2019-08-15T13:19:41-04:00March 18th, 2017|Categories: Attribution, Contracts, Cyber, Defensive Methodology, Hunting, Incident Response, Reports|Tags: , , , , |

The Center of Investigative News (Centro de Periodismo Investigativo) published an excellent summary of events from the situation the department of Hacienda faced in early March of 2017. Our early involvement in this event helped the citizens of Puerto Rico during an already difficult economic situation. We will continue to work with the department of Hacienda [...]

Comments Off on CompSec Direct receives media mentions as the result from incident response services offered to Hacienda of Puerto Rico

NTT Group Global Threat Intelligence Report 2016

By |2019-08-15T13:19:41-04:00October 19th, 2016|Categories: Cyber, Defensive Methodology, Forensic, Reports|Tags: , , , |

GTIR 2016 NTT Group published a great threat report for 2016. Quality publication and definitely worth while. Good for CISO's and Info Sec pros alike. Although some of the areas in the Key Findings are questionable given that we recently saw DDoS attacks above 1Tbs , other areas highlight recent trends that ultimately affect all of [...]

Comments Off on NTT Group Global Threat Intelligence Report 2016

CompSec Direct’s president presents Shodan research at local security conference in Puerto Rico

By |2019-08-15T13:19:41-04:00October 7th, 2016|Categories: Cyber, Demo, Pen-testing, Training|Tags: , , , |

CompSec Direct president, Jose Fernandez, presented an open-source intelligence gathering tool called Shodan-Runner at the Bsides PR security conference hosted on Oct 6,2016 in Puerto Rico. The tool allows users to use external CSV files in conjunction with the Shodan api in python to search for associations between different different fields. Using this tool reduces initial [...]

Comments Off on CompSec Direct’s president presents Shodan research at local security conference in Puerto Rico

CompSec Direct hosts remote incident response training for local Puerto Rico students and experts

By |2019-08-15T13:19:41-04:00October 7th, 2016|Categories: Cyber, Defensive Methodology, Demo, Forensic, Hunting, Training|

We hosted a training session on remote incident response operation on Oct 7, 2016. The course was provided "pro-bono" through @Obsidis_NGO‏, participants paid a small registration fee that covered lunch. Students were able to analyze malware on remote systems in a safe and controlled environment using our RIL platform. We want to thank everyone who attended [...]

Comments Off on CompSec Direct hosts remote incident response training for local Puerto Rico students and experts

Forcepoint 2015 Threat Report

By |2019-08-15T13:19:42-04:00February 15th, 2016|Categories: Attribution, Cyber, Defensive Methodology, Forensic, Hacking, Hunting, Pen-testing, Reports, Tor|

An excellent publication from Forcepoint that covers CnC malware, malicious insiders and attribution. Unlike other threat reports, this report covers multiple human factors that are often neglected in technical reports. In some cases, human error and predisposition to reuse malware has lead thee researchers to determine a high probability of configuration reuse which leads to easier [...]

Comments Off on Forcepoint 2015 Threat Report

Wassenaar Arrangement 2013 Plenary Agreements Implementation; Intrusion and Surveillance Items

By |2019-08-15T13:19:42-04:00July 20th, 2015|Categories: Cyber, Laws, Legislation|Tags: , , , |

CompSec Direct and other individuals and companies spoke out against the 2013 Wassenaar Arrangement. We hope our petitions for further revisions are heard. We have included a copy of the document submitted to http://www.regulations.gov/#!docketDetail;D=BIS-2015-0011 Wassenaar Agreement CompSecDirect We want to thank everyone that submitted and stood up for freedom of speech against the Wassenaar Arrangement 2013.

Comments Off on Wassenaar Arrangement 2013 Plenary Agreements Implementation; Intrusion and Surveillance Items

BSides Charm 2015 – Mass Hunting and Exploitation with PowerShell Slides CompSec Direct

By |2017-05-30T21:01:16-04:00April 12th, 2015|Categories: Cyber, Defensive Methodology, Demo, Hunting, Powershell|Tags: , , , , , |

Hello Everyone, Here are the slides from our presentation at Bsides Charm 2015. We look forward to coming back next year for another excellent community driven event. Mass Hunting with Powershell

Comments Off on BSides Charm 2015 – Mass Hunting and Exploitation with PowerShell Slides CompSec Direct

Cybergeddon: Why the Internet could be the next “failed state” -ArsTechnica

By |2017-05-30T21:01:16-04:00February 26th, 2015|Categories: Cyber, Hacking|Tags: |

Excellent article by Sean Gallagher from ArsTechnica. It truly captures the essence of how our world is likely headed into an unfortunate collision with technology. http://arstechnica.com/information-technology/2015/02/fear-in-the-digital-city-why-the-internet-has-never-been-more-dangerous/1/

Comments Off on Cybergeddon: Why the Internet could be the next “failed state” -ArsTechnica