Non-attribution classification model published
Non-attribution classification model published
BSides PR 2019
Our President, @jfersec, had the privilege of Keynote during BSides PR 2019. During our presentation, we discussed some hard truth's around: the way DeepFakes and "WeakFakes" are utilizedhow we are good imitators and bad innovators in Puerto Ricopast efforts associated with Accelerated Disclosures for public and private companies in Puerto Ricoflaws associated with contract negotiations with [...]
CTF-Pasteables
“Typing Kills”, so even if you do not agree with this; it’s true. Operator error grows the more you type. It’s akin to “measure twice, cut once”. In Capture the Flags (CTF’s), we often redo the same methodology and the only thing we change are network variables and usernames, the syntax remains constant. Over the years, [...]
Open-Data wants to be free, but no one looks.
Problem: A few months ago, Giancarlo Gonzales, a former CIO for the island of Puerto Rico, indicated the lack of updates towards open-data in data.pr.gov. As part of an open-data initiative, Puerto Rico created its own version of data.gov, called data.pr.gov, which provides free and open access to government information datasets. Giancarlo alluded to the lack of updated [...]
Case 1
Case 1. If you like the case study, hit us up and let us know. Take care. Malware Analysis on Hybrid-Analysis. case1Download
CompSec Direct now approved Cyber-security vendor in Maryland
CompSec Direct has been approved as a Qualified Maryland Cybersecurity Seller (QMCS) by the Department of Commerce of Maryland. This allows us to provide cybersecurity services to qualifying companies under the Buy Maryland Cybersecurity (BMC) program. The program allows companies with 50 employees or less to purchase services and products from approved vendors like CompSec Direct. [...]
White pages are back!: Aeronet Wireless exposes customer info over SNMP
Problem CompSec Direct recently became aware of an information disclosure problem affecting Aeronet Wireless customers in Puerto Rico. In short, querying Shodan.io for Aeronet Wireless and SNMP presents publicly accessible information, such as customer names, IP’s, possible account ID’s and geographic locations. Code Proof https://www.shodan.io/search?query=org%3A%22Aeronet+Wireless%22+port%3A%22161%22 162.246.174.134 161 Linux XXX XXX 2.6.32.27 #2 Tue Dec 5 14:09:43 [...]
Data Mining PDF documents; using data conversion to reduce analysis time
Problem A month ago, we became aware of a way to harvest legal notifications from a government web-site. Link Here The web-server allows simple requests to be crafted in order to download PDF documents related to court proceedings. After a few hours, we had over 25,000 PDF documents available to analyze. Now the question becomes: What is the [...]
Apache brute: A simple brute force deterrent for Linux
We published a simple script to help identify and block possible brute-force attempts on a Linux web-server. The script counts the amount of “bad-actions” an ip has logged in the Apache logs and blocks the ip on port 443. This script also displays top 20 visitor information using geoiplookup (which should be installed) and performs a [...]
Judicial branch of Puerto Rico exposes sensitive court documents
Problem CompSec Direct recently became aware of an information disclosure problem with the https://unired.ramajudicial.pr/lawyernotificationauthentication/ application used by the judicial branch of the Puerto Rico government. The application uses a weak sequential ID string that is provided to attorneys and clients in order to view sensitive legal documents. Manipulating the ID string with simple math, similar to the overturned [...]