Companies on High Alert for Unemployment Fraud

April 15, 2021
Proactive Measures to Thwart Unemployment Fraud In the past few months, the TrustedSec Incident Response team has responded to several incidents of unemployment benefit fraud. Due to the pandemic and nationwide lockdowns, there has been an extremely high volume of unemployment claims submitted across the United States, and with greater instances of fraud making it difficult...

Who Left the Backdoor Open? Using Startupinfo for the Win

February 18, 2021
In the endless quest to research additional Windows system forensic artifacts to use during an Incident Response investigation, I stumbled across something I thought was cool. This definitely wasn’t a new artifact, it was just a specific native Windows XML file that I wasn’t aware of. I noticed this file was not commonly used from...

SMS Phish – An Incident Walkthrough

September 3, 2020
Opener The goal of this blog post is to provide an approach to analyzing a text-based phish link. I will primarily focus on the initial steps to properly view the phish site from a non-mobile browser, provide OPSEC setup and browsing analysis recommendations, and conclude with defense measures to protect against such attacks. Analysis Background...

Adventures in Phishing Email Analysis

June 18, 2020
Opening Phishing attacks are a daily threat to all organizations and unfortunately, they are one of the hardest threats to protect against. No matter how many defensive layers an organization has put in place following best practice defense-in-depth design, it only takes one (1) user to click on that malicious link or open that weaponized...

Breaking Into InfoSec – A Beginners Guide (Part 2)

April 23, 2020
Opening In part one of this blog post series, we covered some personal backstory of my journey into InfoSec, went over putting a plan together for your next InfoSec mission, recommended some InfoSec immersion ideas, and provided some guidance around seeking out a mentor. If you haven’t had a chance to read the first part...

Breaking Into InfoSec – A Beginners Guide (Part 1)

April 21, 2020
Opening In this blog post, I will cover strategies that worked for me while transitioning out of the Air Force (over 20 years ago) having ZERO formalized IT training and ZERO on-the-job-training (OJT) in the field. Although this was a long time ago 🙂 and my path led to an IT position, the preparation and...
  • Browse by Category

  • Clear Form