Measuring the Impact of a Security Awareness Program

November 29, 2022
Our goal in building a security awareness program is to embed security into our partners’ existing organizational culture. Impacting culture is a long-term process that can take years and requires executive support. If you are tasked with managing a security awareness program, it is your job to measure and show leadership that your program is...

Linux History File Timestamps

November 15, 2022
While working at TrustedSec, I was issued a new company-furnished laptop to work from. While the Mac OS environment was useful, I found it useful to also set up an Ubuntu virtual machine. One reason is so I can have access to a Linux host that is very similar to the garden variety of Linux systems...

Active Directory for Script Kiddies

November 10, 2022
Introduction It seems like all these corporate types are using Active Directory. What is this “Active Directory”? And how can I use it to make my job as a Script Kiddie easier? Active Directory (AD) is a directory service developed by Microsoft for Windows networks and computers. A directory service is a shared database for...

Auditing Exchange Online From an Incident Responder’s View

November 8, 2022
Business Email Compromise (BEC) within the Microsoft 365 environment is becoming a more common attack vector. In case you’re unfamiliar with what exactly BEC entails, it’s when an attacker or unauthorized user gains access to a business email account via social engineering. Most commonly, an attacker compromises an account, intercepts email conversation(s), and uses this...

Windows Processes, Nefarious Anomalies, and You: Threads

November 3, 2022
In part 1 of this blog mini-series, we looked at memory regions and analyzed them to find some potential malicious behavior. In part 2, we will do the same thing with enumerating threads. Nobody explains it better than Microsoft—here is their explanation of what a thread is: “A thread is the basic unit to which...

Windows Processes, Nefarious Anomalies, and You: Memory Regions

November 1, 2022
While operating on a red team, the likelihood of an Endpoint Detection and Response (EDR) being present on a host is becoming increasingly higher than it was a few years ago. When an implant is being initiated on a host, whether it’s on-disk or loaded into memory, then there is a lot to consider. In...