Uber Hack and Cover-up, Featuring David Kennedy-MSNBC

November 27, 2017 | By:

Former NSA hacker David Kennedy speaks about the implications of the Uber hack and whether the company should have reported the data breach. Click Here: Uber Hack and Cover-Up, Featuring David Kennedy-MSNBC

TrevorC2 – Legitimate Covert C2 over Browser Emulation

October 27, 2017 | By:

TrustedSec is proud to announce the release of the TrevorC2 HTTP(s) command and control (C2) open source framework. TrevorC2 is a client/server model for masking command and control through a normally browsable website. Detection becomes much harder as time intervals are different and does not use POST requests for data exfiltration. There are two components…

After Las Vegas shooting, Nevada officials go after sham websites seeking donations – Fox News, Featuring Alex Hamerstone

October 12, 2017 | By:

The Nevada Attorney General’s office is investigating reports of fake online charities collecting donations on behalf of victims that were killed or wounded at a shooting at a country music festival in Las Vegas Oct. 1. Officials are partnering with GoFundMe and other social media sites to take down these fraudulent pages. There has been…

Anyone who uses Social Security Numbers for security is crazy… – Yahoo Finance, Featuring Alex Hamerstone

October 03, 2017 | By:

The Equifax hack that compromised 143 million Social Security numbers didn’t just destroy the country’s trust in credit bureaus; it also most certainly killed the use of SSNs for security and identity authentication. The nine-digit SSN has been used for this purpose for years. Typically, the last six digits of a SSN are used because…

DHS vs. Kaspersky Lab: Why the US government is ditching the Russian software giant. – Fox News, Featuring Alex Hamerstone

September 14, 2017 | By:

The Department of Homeland Security’s decision to ban federal agencies and departments from using products from Moscow-based cybersecurity firm Kaspersky Lab comes as no surprise, say security experts.  Officials say that the prominent company poses a threat to U.S. national security and have given government agencies and departments 90 days to get rid of Kaspersky…

How to Stop the Next Unstoppable Mega-Breach or Slow it Down – Wired, Featuring Alex Hamerstone

September 12, 2017 | By:

The recent, massive Equifax data breach, which put 143 million US consumers’ personal data at risk—including names, Social Security numbers, birth dates, addresses, and some drivers license and credit card numbers—drove home the dangers facing any organization that stores a valuable trove of data. But awareness alone hasn’t stopped or even slowed the recent slate of mega-breaches,…

Attacking Self-Hosted Skype for Business/Microsoft Lync Installations

August 11, 2017 | By:

TL;DR: How to attack self-hosted Skype for Business (Lync) servers. If you’re using O365 wait for the next post. Note: For the sake of brevity throughout this post, Skype for Business and Microsoft Lync will both be referred to under the umbrella designation of ‘Skype4B’. When companies choose to host Skype for Business (previously Microsoft…

TrustedSec Expands with Four New Additions

August 08, 2017 | By:

TrustedSec continues to grow based on reputation, brand, and most importantly the services we provide to our customers. We have added four amazing new members for both the Force team (our technical crew) and the Advisory Services (PCI, Office of CISO, and Risk Assessment) group. New additions to the team (alphabetical order): Jason Lang (@curi0usJack),…