Menu Security Signal

Decades of combined experience in the cybersecurity and startup fields give us an edge when it comes to fully understanding your business’ security needs.

We work alongside some of the top hackers in Latin America, and have a portfolio that includes large retail and consumer brand, as well as government, among the organizations that have trusted us to help them secure their apps and networks.

Our clients

Falabella
Red Link
Andesmar
Autofact
Godzillion
Yu-track
Getonboard
Apiux
Tuten

Make your services as secure as they can be.

Contact us

Recognitions

2015

Ekoparty Security Conference

First place

2016

AndSec Security Conference

First place

2016

DragonJAR Security Conference

Second place

2017

Charrua Conference Uruguay

First place

2017

Ekoparty Security Conference

Third place

2018

Faraday CTF - Ekoparty

First Place

Services

Let's talk about protecting your business and your users.

Contact us

BLOG

August 21, 2019

CVE-2019-9960: Arbitrary File Download in LimeSurvey

by Federico Fernandez

Read more ›

June 6, 2019

A Tale of RCE: Nextcloud + Extract App

by Alejandro Parodi

Read more ›

May 15, 2019

How I hacked a whole EC2 Network during a Penetration Test

by Federico Fernandez

Read more ›

Vulnerability Reports

Disclosed Vulnerability Reports

Report ID CVSS Score Title Report Date CVE Number Vendor Author
Signal-2019-006 7.6 XML Entity Injection OOB 08-05-2019 - - Alejandro Parodi
Signal-2019-005 9.0 Arbitrary File Read/Write 07-05-2018 - - Alejandro Parodi
Signal-2019-004 9.0 Remote Code Execution: Abusing Java Module 04-05-2019 - - Alejandro Parodi
Signal-2019-003 8.0 Remote Code Execution via Deserialization in Backup Extension 02-05-2019 - - Federico Fernandez
Signal-2019-002 9.0 Remote Code Execution via Extract Add-on 23-04-2019 CVE-2019-12739 Nextcloud Alejandro Parodi
Signal-2019-001 8.7 Arbitrary File Download 08-03-2019 CVE-2019-9960 LimeSurvey Federico Fernandez
Signal-2018-002 7.0 Blind SSRF in mybackpack.php 27-11-2018 CVE-2019-3809 Moodle Alejandro Parodi
Signal-2018-001 8.0 Authenticated Remote Code Execution (BOF) 29-08-2019 CVE-2018-16119 TP-Link Alejandro Parodi