Ocelot, is the leading Offensive Security team in Latin America. This elite team of researchers represents the best of the best, partnered together to transform cybersecurity in the region. Ocelot threat intelligence, research and offensive skills power Metabase Q's solutions.Our Services
Our team has seen it all. We've held critical roles in Red Teams, Blue Teams, APT monitoring, malware and exploit analysis, and deciphering cybercriminal techniques, tactics and procedures.
Our researchers have been speakers in the most important conferences worldwide such as REcon Canada, Defcon, and Blackhat USA. They are co-authors of security books such as "Show me the e-money" and others
Our team is made up of world-class researchers committed to bringing the best security from around the world to Latin America.
We created a team of top security researchers that are book authors, speakers at Defcon, BlackHat and RECon with proved successful experience to offer you the most comprehensive penetration testing with actionable results.
In our advanced persistent threat (APT) simulation, we offer a real simulation of attacks from real criminals worldwide to gain a clear perspective of your team's and security products' detection and response times in the different levels of your network as well as the procedures and people involved. We use real attack techniques, tactics, and procedures certified by MITRE ATT&CK. We're the only ones in Latin America who develop their own attack framework. We're not just running some third-party tools, we're building them.
We are experts on MST, the new Samsung Pay technology, and more complex relay attacks on NFC.
Services offered include:
We are the world’s leading experts in BASE24 and TAL code review. Our leading-edge systems vulnerability detection is the first on the market.
Our state-of-the-art ATM laboratory is the first of it's kind. We enable companies to improve their ATM cybersecurity programs rapidly and effectively. In our laboratory, we offer various customized services based on your needs and your fleet models.
Services offered include:
Get your device secure before getting it to the market. We perform penetration testing on IoT devices before they begin production to identify vulnerabilities at:
We offer a proactive and responsive approach to comprehensively understand your specific ICS cybersecurity environment, mitigate risks, and respond to threats with confidence.
Our specialized practice combines technology and people to offer the following services:
In recent months, the buying habits that are made through cards have changed. Now more than ever, the financial sector must be at the forefront of protecting customer data, complying with PCI and ensuring that electronic funds transfers made from a point-of-sale terminal or e-commerce site up to the card issuer is successful. Data and funds traveling through the BASE24 electronic transaction application must be protected at source code level. The personalized adjustments that each financial entity makes to the object code can generate some vulnerability.
Metabase Q’s team of specialists helps detect failures in BASE24 code modifications (CSMs) by generating a personalized strategy based on the needs of its clients, reviewing the code's logic in search of authorization, configuration or data problems. Among the problems we are looking for are: erroneously authorized transactions, denial of service, authorization of fraudulent transactions, loss of information, dispersion of sensitive data, loss of information in the console, memory problems such as indexes and tokens, erroneous reading to LCONF, closing files and memory dumps.
The rise in attacks on ATMs has also been reflected in their physical integrity. For example, one of the most common cases is reverse cash withdrawal operations in which a physical alteration of the ATM is made to withdraw money and cancel the withdrawal before the successful registration of the same.
Our team identified the modus operandi of this fraud, solving the physical vulnerability. A logical strategy was also designed to have real-time visibility of fraudulent transactions, in order to be able to avoid them and track those who carry them out.
In one of the cases we witnessed, the attackers prepared a malware-laden hard drive beforehand and swapped it for the original hard drive of the ATM. This was done by using a device, such as a counterfeit peripheral device, to infect the ATM.
Our team of specialists, carried out a forensic analysis of the ATMs where they detected a new family of Ploutus malware. This made it possible to obfuscate missing amounts, so when the malware was found, it was possible to patch the vulnerabilities and trace the money. Likewise, a series of recommendations were made to maintain the security of the ATMs and carry out a security strategy.
Send us your information and a brief summary of what you're looking for and our experts will start working with you right away to get you the cybersecurity you deserve.