On July 17 2025, we received an email from an IC company. Thing is, we can’t be sure about emails like this since we do Business Development (BD), but none of us knew the person sending the email and the Request For Information or RFI seemed odd. Figure 1: Email with suspicious link: https[:]//siliconoasis.co/connected Our President, [...]
We are providing our case study on echoraix, a ransomware group that targets network connected storage appliances from QNAP and Synology. Please share this case study with others and contact us for similar case studies, or related protection services. CompSec-Direct-echoraix-report-Apr-6-2024
Ransomware: Hacienda of Puerto Rico
Non-attribution classification model published
Case 1. If you like the case study, hit us up and let us know. Take care. Malware Analysis on Hybrid-Analysis. case1Download
The Center of Investigative News (Centro de Periodismo Investigativo) published an excellent summary of events from the situation the department of Hacienda faced in early March of 2017. Our early involvement in this event helped the citizens of Puerto Rico during an already difficult economic situation. We will continue to work with the department of Hacienda [...]
CompSec Direct was asked to provide incident response services to the department of Hacienda, the Treasury department of Puerto Rico, on March 7,2017. The department of Hacienda was experiencing daily losses of approximately $20 million dollars a day due to the severity and impact of ransomware on the government network. CompSec Direct’s president, Jose Fernandez, led [...]
An excellent publication from Forcepoint that covers CnC malware, malicious insiders and attribution. Unlike other threat reports, this report covers multiple human factors that are often neglected in technical reports. In some cases, human error and predisposition to reuse malware has lead thee researchers to determine a high probability of configuration reuse which leads to easier detection of [...]
The first is actually more common place. The second assumes the admin that maintains WordPress leaves a backup or older version of the file readable by any visitor that happens to “guess” a filename. In the past, CompSec Direct has been successful employing both techniques for customers during security audits, however the second leaves a 404 [...]
Hello from Puerto Rico. Here are our slides from Jose Fernandez’s talk on Tor and attribution. We are very exited to have participated in BSides PR 2015, and look forward to speaking again in the future. By the time we got to the beach, the Internet is hopefully in a slightly better state than we left [...]
