Offensive solutions
Find Security Control Gaps
To improve your monitoring & detection capabilities
Global reach with regional expertise. Founded in 2018 by leaders in cybersecurity, we combine global best practices with regional expertise.
The Team
This Is How We Roll
Security Researchers
With 16+ years of professional experience in security services, and as speakers at top events such as DEF CON, REcon, and Black Hat
Changing the industry
Security services that are the opposite of the stereotypical services offered by 99% of LATAM providers
Always at the frontline
Protecting worldwide enterprises working as researchers at FireEye, Symantec, Palo Alto Networks
Thought leadership
Published books and created tools that are widely used by security consultants
APT Simulation
APT Simulation for Security Validation
Our advanced persistent threat simulations are designed to raise awareness among your employees.
We run controlled ransomware as a service to test playbooks, incident response procedures and security policies.

We constantly simulate the latest malware variants and techniques:
Malicious attack simulations
Across the four main APT infection phases: Phishing, Endpoint, Lateral Movement and Exfiltration.
Time to Detect & Respond Improvements
How long does it take for the SOC to realize the company is under attack? And how long does it take to eradicate it? We help to measure and improve!

- Strategic consulting
- Security assessment
- DevSecOps architecture implementation
- Compliance assessments
- Advisory
- Assist during audit processes
- Periodic alerting
- Emergency alerting
- Assist customers
1. Attacks on the mail gateway to deliver malicious e-mails
2. Controlled malware execution and exploits on endpoints
3. Lateral movement techniques to gain access to additional resources
4. Execution of data exfiltration techniques
THREAT INTELLIGENCE
Threat Intelligence Focused on LATAM
- Executive dashboard
- Specialized cyber intelligence team
- Broad visibility
- IOCs focused by region and sector
- Mandiant partnership for global view
How it works
- Weekly Highlights
- Weekly release of IOCs and artifacts
- Weekly pop-up alerts and monthly presentation of findings
- Tactical, operational and executive reports
Phishing and Suspicious sites
Identifying sources of phishing, spam companies, trojans, and fraudulent ads co-locating sites in search engines.
Metadata
Identifying and reviewing documents hosted on your sites, to prevent them from revealing important information to potential attackers.
Brand monitoring
Identifying those using your brand without authorization, whether in open or closed spaces across profiles, accounts, user names, pages, and blogs.
Malware
Reverse engineering malware that infects campaigns and infrastructure, to extract malicious artifacts and enable proactive protection.
Deep Web & Darknet
Monitoring closed sources such as underground and cybercrime forums, black markets, and active adversaries to protect from illicit publishing of information.
VIP Monitoring
Analyzing the wide range of Ocelot threat sources to protect executives, identifying what information should not be public, and what online activities can lead to identification.
Relevant Adversaries
Surveilling ongoing threats specific to industries to identify the techniques, tactics and procedures (TTPs) of dangerous adversaries, and better prepare protection against likely attacks.
Data leaks
Analyzing the sources that collect third-party data, to ensure public repositories do not expose sensitive information, and also capturing pastebin-type sites that reveal organizations’ credentials.
PENTESTING
PoS Pentesting for Security Validation
The goal of this service is to evaluate the security of point-of-sale devices from three attack vectors: hardware, software and signaling, allowing the proactive identification of vulnerabilities as well as a continuous improvement in the configuration and hardening of these devices.
Expertise in mobile banking application analysis
- Validation of security in communication channels
- Validation of sensitive data
- Interaction with APIs
- Functionality testing at API endpoints
- Functionality exposed to other applications
- Validation of application security methods
- Validation of methods against modifications and manipulation in the applications.
- Android and iOS coverage
- Reverse engineering ARM-based libraries

Test Bed Setup
In this initial stage, the device is replicated in our laboratory to understand and test its end-to-end operation.
Blackbox
Attacks at the hardware level that try to obtain sensitive information allowing us to understand the operation of the device, such as firmware or flash memory extraction.
Man-In-The-Middle
Attacks without taking advantage of device knowledge: With our own technology through ELMA, we verify the communication between PoS and card at EMV and SIM card level.

Whitebox
Identification of vulnerabilities by analyzing the source code of components including but not limited to: authentication bypass, encryption errors, privilege escalation, information disclosure, local and remote code execution, device impersonation, etc.
Protocol Stack level Pentest
- Bluetooth/BLE: L2CAP, SDP, Pairing, ACL, etc.
- NFC: APDUs, Secure Element, payWave, PayPass, ExpressPay kernels, ISO/IEC 14443
- USB: Spoofing, Rubber Ducky, Replay, Tampering
ATM SECURITY VALIDATION
ATM Pentesting for Security Validation
Penetration testing efforts focus on performing attacks on the main ATM components (Dispenser and CPU Core) with a view to demonstrating attack scenarios according to the following categories of abuse:
- Jackpotting: An ATM attack whose objective is to make the node perform unauthorized cash dispensing.
- Carding: Attack that compromises card information, transactional information, and customer authentication (e.g. PIN) and/or the enabling of counterfeit cards at the ATM.
- ATM configurations
- Integrations with backend
- Validation of attack indicators (events and alerts) for operation.
- Third-party hardware integration (Multivendor)
PENTESTING
Payment Switch Pentesting
We review authorizers at the Banking/Transactional Switch level for ATM and PoS, identifying transactions being approved erroneously, unplanned reversals, abends affecting service availability, and PCI violations. Our methodology is agnostic to the Busy Switch technology: Base24, Postilion, ACCL, ACH Transfers, Device Handlers, T24, etc. We released the first and only transactional switch secure code guide, which covers the following points:
- Bad Memory: Errors in the handling of indexes, tokens and variables in the transaction.
- Bad File: Errors related to file handling that cause read and write errors and erroneous pointers at memory level, affecting service availability.
- PCI Violation: We validate the protection of banking information in motion and at rest.
- Abends: Unexpected generation of abends during operation with tokens, memory and memory file uploading.
- Analysis on the implementation of the protocol for secure authentication dsd.
- Device Handlers: Device drivers for PoS and ATMs are evaluated to ensure correct processing of received messages.
Covered points shown in the diagram.
Experience our unique offense and defense all-in-one cybersecurity solution
Our cybersecurity experts are ready to help.
Either fill out the form or reach out directly to our experts for a call or meeting