News2019-08-22T13:00:40-04:00

CompSec Direct recognized by Microsoft with Firmware analysis partner specialization

CompSec Direct is Microsoft approved for firmware analysis. This is a new partner specialization within the Defender for IoT ecosystem of Microsoft's security portfolio. We can help your organization find vulnerabilities within your IoT devices [...]

By |August 18th, 2022|Categories: Contracts, Cyber, Defensive Methodology, Design, firmware, News, Partnerships|Tags: , , , , , |Comments Off on CompSec Direct recognized by Microsoft with Firmware analysis partner specialization

CompSec Direct is a 2022 VIP Start graduate from the National Veteran Institute For Procurement

We graduated from VIP Start! This is a 4-month program to help small veteran-owned business with government contracting, procurement and growth for small SDVOSB, 8A companies, minority owned companies. If you are a veteran and [...]

By |February 28th, 2022|Categories: Contracts, Networking, News|Tags: , , , |Comments Off on CompSec Direct is a 2022 VIP Start graduate from the National Veteran Institute For Procurement

CompSec Direct wins firmware analysis prototype event held at Dreamport

After placing 5th on a previous challenge, we were happy to place 1st on a subsequent firmware c. We improved our process, provided analysis and emulation findings to set us apart from the rest. Please [...]

By |June 8th, 2020|Categories: Automation, Cyber, Reports|Tags: , , , |Comments Off on CompSec Direct wins firmware analysis prototype event held at Dreamport

Know the players in Cyber: how little we know about the leaders of our cyber adversaries

During HammerCon 2022, we ran a timed 60-second 5 question quiz to determine which country was the biggest threat in Cyber. We created adaptive questions sets that would correspond to selections, and we were not [...]

By |December 7th, 2022|Categories: Creative, Cyber, Events, Networking, Reports, Survey|Tags: , , , , , |Comments Off on Know the players in Cyber: how little we know about the leaders of our cyber adversaries

Malware analysis workshop at AvengerCon VII

Our President, Jose Fernandez, ran a malware analysis workshop using containers during AvengerCon VII. The event, hosted at Dreamport in Columbia, MD allowed participants to use Kleared4, our disassociated cyber-range, to safely analyze and triage [...]

By |December 5th, 2022|Categories: Automation, Containers, Cyber, Defensive Methodology, Hunting, Training|Tags: , , , , |Comments Off on Malware analysis workshop at AvengerCon VII

Autodyne: Automated firmadyne for firmware emulation

Emulate device firmware using containers with Autodyne. We crossed 2k pulls on dockerhub! Our CI pipeline for daily updated images for ubuntu 18 / ubuntu 20 has been growing strong since we open-sourced the images. [...]

By |December 4th, 2022|Categories: Automation, Containers, Cyber, emulation, firmware, Scripts|Tags: , , , , , |Comments Off on Autodyne: Automated firmadyne for firmware emulation

BSides Charm 2022

We helped the event by providing sponsorship funds. This allows BSides to continue operating, providing speaking opportunities, and presentation workshops within the local area that would otherwise be presented at larger security conferences. Thanks for [...]

By |May 2nd, 2022|Categories: Cyber, Events, Networking|Tags: , , |Comments Off on BSides Charm 2022

CompSec Direct gets press mentions for cybersecurity expertise

CompSec Direct Executive Team with a a Kleared4 Edge unit. Picture taken by R. Fernandez. We were interviewed in 2021 by El Nuevo Día, a local newspaper in Puerto Rico. Some the of the issues we [...]

By |July 22nd, 2021|Categories: Cyber, News, Puerto Rico|Tags: , , , , , |Comments Off on CompSec Direct gets press mentions for cybersecurity expertise

Ransomware: Hacienda of Puerto Rico

Ransomware: Hacienda of Puerto Rico

By |June 21st, 2021|Categories: Attribution, Breach, Case Study, Contracts, Cyber, Defensive Methodology, Disclosure, Firewall, Forensic, Hacking, Incident Response, Reports|Tags: , , |Comments Off on Ransomware: Hacienda of Puerto Rico

Kleared4 closed-operation fly-away edge kit

Kleared4 closed-operation fly-away edge kit

By |June 7th, 2021|Categories: Automation, Cyber, Defensive Methodology, Design, Forensic, Hacking, Hunting, Incident Response, Networking|Tags: , , , , |Comments Off on Kleared4 closed-operation fly-away edge kit

BSides PR 2019

Our President, @jfersec, had the privilege of Keynote during BSides PR 2019. During our presentation, we discussed some hard truth's around: the way DeepFakes and "WeakFakes" are utilizedhow we are good imitators and bad innovators [...]

By |October 16th, 2019|Categories: Case Study, Cyber, Defensive Methodology, Disclosure, Forensic, Incident Response, Laws, Legislation, Videos|Tags: , , , , , , , |Comments Off on BSides PR 2019

Open-Data wants to be free, but no one looks.

Problem: A few months ago, Giancarlo Gonzales, a former CIO for the island of Puerto Rico, indicated the lack of updates towards open-data in data.pr.gov. As part of an open-data initiative, Puerto Rico created its own [...]

By |September 29th, 2019|Categories: e-Discovery, Hunting, Scripts|Tags: , , , , , , |Comments Off on Open-Data wants to be free, but no one looks.

Case 1

Case 1. If you like the case study, hit us up and let us know. Take care. Malware Analysis on Hybrid-Analysis. case1Download

CompSec Direct now approved Cyber-security vendor in Maryland

CompSec Direct has been approved as a Qualified Maryland Cybersecurity Seller (QMCS) by the Department of Commerce of Maryland. This allows us to provide cybersecurity services to qualifying companies under the Buy Maryland Cybersecurity (BMC) [...]

By |August 15th, 2019|Categories: Contracts, Cyber, Defensive Methodology, Forensic, Hunting, News, Pen-testing, Social Engineering|Tags: , , , , , |Comments Off on CompSec Direct now approved Cyber-security vendor in Maryland

White pages are back!: Aeronet Wireless exposes customer info over SNMP

Problem CompSec Direct recently became aware of an information disclosure problem affecting Aeronet Wireless customers in Puerto Rico. In short, querying Shodan.io for Aeronet Wireless and SNMP presents publicly accessible information, such as customer names, [...]

By |October 12th, 2018|Categories: Disclosure, e-Discovery|Tags: , , |Comments Off on White pages are back!: Aeronet Wireless exposes customer info over SNMP

Data Mining PDF documents; using data conversion to reduce analysis time

Problem A month ago, we became aware of a way to harvest legal notifications from a government web-site. Link Here The web-server allows simple requests to be crafted in order to download PDF documents related to court [...]

By |May 31st, 2017|Categories: Automation, e-Discovery, Forensic, Scripts, Tesseract|Tags: , , , , , |Comments Off on Data Mining PDF documents; using data conversion to reduce analysis time