Forensic


BSides PR 2019 Wrap-Up: It starts with you

October 16th, 2019 | Categories: Case Study, Cyber, Defensive Methodology, Disclosure, Forensic, Incident Response, Laws, Legislation, Videos

Our President, @jfersec, had the privilege of giving the keynote at BSides PR 2019. During our presentation, we discussed some hard truths around: the way DeepFakes and "WeakFakes" are utilized; how we are good imitators and bad innovators in Puerto Rico; past efforts associated with Accelerated Disclosures for public and private companies in Puerto Rico; flaws associated with contract negotiations with [...]


Case 1

August 27th, 2019 | Categories: Attribution, Breach, Case Study, Contracts, Cyber, Defensive Methodology, Disclosure, Forensic, Hacking, Hunting, Incident Response, Laws, Reports

Case 1. If you like the case study, hit us up and let us know. Take care. Malware Analysis on Hybrid-Analysis. Download: case1


CompSec Direct now approved Cyber-security vendor in Maryland

August 15th, 2019 | Categories: Contracts, Cyber, Defensive Methodology, Forensic, Hunting, News, Pen-testing, Social Engineering

CompSec Direct has been approved as a Qualified Maryland Cybersecurity Seller (QMCS) by the Department of Commerce of Maryland. This allows us to provide cybersecurity services to qualifying companies under the Buy Maryland Cybersecurity (BMC) program. The program allows companies with 50 employees or fewer to purchase services and products from approved vendors like CompSec Direct. [...]


Data Mining PDF documents; using data conversion to reduce analysis time

May 31st, 2017 | Categories: Automation, e-Discovery, Forensic, Scripts, Tesseract

Problem: A month ago, we became aware of a way to harvest legal notifications from a government website (link here). The web server allows simple requests to be crafted in order to download PDF documents related to court proceedings. After a few hours, we had over 25,000 PDF documents available to analyze. Now the question becomes: What [...]


NTT Group Global Threat Intelligence Report 2016

October 19th, 2016 | Categories: Cyber, Defensive Methodology, Forensic, Reports

GTIR 2016: NTT Group published a great threat report for 2016. Quality publication and definitely worthwhile. Good for CISOs and Info Sec pros alike. Although some of the areas in the Key Findings are questionable given that we recently saw DDoS attacks above 1Tbs, other areas highlight recent trends that ultimately affect all of [...]


CompSec Direct hosts remote incident response training for local Puerto Rico students and experts

October 7th, 2016 | Categories: Cyber, Defensive Methodology, Demo, Forensic, Hunting, Training

We hosted a training session on remote incident response operations on Oct 7, 2016. The course was provided "pro-bono" through @Obsidis_NGO; participants paid a small registration fee that covered lunch. Students were able to analyze malware on remote systems in a safe and controlled environment using our RIL platform. We want to thank everyone who attended [...]


Forcepoint 2015 Threat Report

February 15th, 2016 | Categories: Attribution, Cyber, Defensive Methodology, Forensic, Hacking, Hunting, Pen-testing, Reports, Tor

An excellent publication from Forcepoint that covers CnC malware, malicious insiders and attribution. Unlike other threat reports, this report covers multiple human factors that are often neglected in technical reports. In some cases, human error and predisposition to reuse malware has led the researchers to determine a high probability of configuration reuse which leads to easier [...]


Security firm sued for filing “woefully inadequate” forensics report - Arstechnica

January 15th, 2016 | Categories: Breach, Forensic, Lawsuit

Arstechnica's Dan Goodin has reported that Trustwave is being sued by Affinity Gaming for not eliminating malware presence after a forensic investigation had been done. Mandiant uncovered the malware during a follow-up PCI forensic investigation. See the full article below: Security firm sued for filing “woefully inadequate” forensics report
