CompSec Direct ran Breach Village during a local BSides conference. "We wanted Breach Village to showcase real-problems and not the made up scenarios people see in Capture the Flags events. Realism and modern problems in cyber security are difficult to showcase into a fun learning environment" said Jose Fernandez. Breach Village used our Kleared4 cyber range [...]
Our president was able to teach over 200 participants at six cyber security focused conferences in an full-day workshop. Participants used Kleared4, our US made and hosted cyber range to analyze malware samples in a safe environment. "The best part about our range is that we provide all users a way to use real-world threats in [...]
"If you or a loved one has ever used a CPAP device..." Our President, Jose Fernandez, gave a medical device presentation at BioHacking Village during DefCon 31. This presentation focused on bringing awareness to privacy related issues related CPAP devices, how to passively identify some CPAP devices and follow on work for exploit related research for [...]
Ransomware: Hacienda of Puerto Rico
Kleared4 closed-operation fly-away edge kit
“Typing Kills”, so even if you do not agree with this; it’s true. Operator error grows the more you type. It’s akin to “measure twice, cut once”. In Capture the Flags (CTF’s), we often redo the same methodology and the only thing we change are network variables and usernames, the syntax remains constant. Over the years, [...]
Case 1. If you like the case study, hit us up and let us know. Take care. Malware Analysis on Hybrid-Analysis. case1Download
Problem CompSec Direct recently became aware of an information disclosure problem with the https://unired.ramajudicial.pr/lawyernotificationauthentication/ application used by the judicial branch of the Puerto Rico government. The application uses a weak sequential ID string that is provided to attorneys and clients in order to view sensitive legal documents. Manipulating the ID string with simple math, similar to the overturned [...]
An excellent publication from Forcepoint that covers CnC malware, malicious insiders and attribution. Unlike other threat reports, this report covers multiple human factors that are often neglected in technical reports. In some cases, human error and predisposition to reuse malware has lead thee researchers to determine a high probability of configuration reuse which leads to easier detection of [...]
The first is actually more common place. The second assumes the admin that maintains WordPress leaves a backup or older version of the file readable by any visitor that happens to “guess” a filename. In the past, CompSec Direct has been successful employing both techniques for customers during security audits, however the second leaves a 404 [...]
