From the Desk of the CEO: Securing the Future – Junior and Internship Programs

January 16, 2020
When TrustedSec first started, the vision was to build a team of amazing individuals that were passionate, dedicated, and focused on helping organizations fix the issues they face in cybersecurity. While we may have accomplished this, there’s always more to do. At TrustedSec, our mission to contribute to the industry and community has always remained...

NetScaler Honeypot

January 13, 2020
The Citrix NetScaler remote code execution vulnerability (CVE-2019-19781) has been a pretty popular topic over the last few weeks. Once public exploits of the vulnerability started to appear in the wild, TrustedSec deployed a Citrix NetScaler honeypot. We did not have to wait long for the attacks to begin. Less than 24 hours after deployment,...

Critical Exposure in Citrix ADC (NetScaler) – Unauthenticated Remote Code Execution

January 10, 2020
On December 17, 2019, Citrix released a critical advisory that allows for remote code execution. Advisories like these come out often for organizations, and critical exposures are nothing new for any company. However, when digging into the remediation step details, this advisory gave a substantial amount of information on the exploit itself. What makes this...

Rekt by the REX

January 9, 2020
The request-to-exit (REX) passive infrared (PIR) sensor. You know the one. Spray canned air or smoke in its face, it becomes disoriented and unlocks the door. Spit a mist of alcohol in its face, it gets a buzz and unlocks the door. The butt of many “jokes” for how easily it provides unauthorized entry, but...

SELinux and Auditd

January 7, 2020
In this blog post, I will discuss SELinux and Auditd, how to use them, how to determine what the default policies are doing, and how to add new ones. For those who do not know what SELinux is, it stands for Security-Enhanced Linux. More details about SELinux can be found in the resources section at...

Red Team Engagement Guide: How an Organization Should React

December 5, 2019
A lengthy Red Team engagement is coming. What should the defense do if they catch the offense? Reimage systems? Notify and allow? What is the course of action that allows the engagement to proceed and deliver maximum value to the organization? These can be difficult questions to answer, but ones that companies procuring these tests...
  • Browse by Category

  • Clear Form