Securing a Remote Workforce: Top Five Things to Focus on For Everyone

March 25, 2020
Deploying a remote workforce is uncharted territory for some organizations, while others have been perfecting the model for years. Most security programs have different ways to handle their workforce. For on-premise users, which has traditionally used more of castle mentality where you attempt to prevent outsiders from penetrating the network perimeter (similar to a castle...

From the Desk of the CEO: Remote Security Testing vs. On-Site Testing—Understanding the Difference

March 19, 2020
With the COVID-19 pandemic underway, we’ve all had to adjust in ways we would have never imagined. Talking with peers in the industry, having to stand up a complete remote workforce overnight has been both challenging and rewarding. While there are bound to be hiccups and lapses in security, the ability for organizations to be...

From the Desk of the CEO: Securing the Future – Junior and Internship Programs

January 16, 2020
When TrustedSec first started, the vision was to build a team of amazing individuals that were passionate, dedicated, and focused on helping organizations fix the issues they face in cybersecurity. While we may have accomplished this, there’s always more to do. At TrustedSec, our mission to contribute to the industry and community has always remained...

Critical Exposure in Citrix ADC (NetScaler) – Unauthenticated Remote Code Execution

January 10, 2020
On December 17, 2019, Citrix released a critical advisory that allows for remote code execution. Advisories like these come out often for organizations, and critical exposures are nothing new for any company. However, when digging into the remediation step details, this advisory gave a substantial amount of information on the exploit itself. What makes this...

A Message of Support: Coalfire Consultants Charged

October 30, 2019
If you haven’t been following recent news, two Coalfire employees, Gary DeMercurio and Justin Wynn, were performing a Physical Penetration Test against a Judicial Branch Building, the Dallas County Courthouse in the state of Iowa. The two employees were engaged by the Iowa State Judicial Branch to conduct the Physical Penetration Test, which is an...
weaponization code graphic

Weaponizing .SettingContent-ms Extensions for Code Execution

June 15, 2018
Matt Nelson (@engima0x3) from SpecterOps recently released a blog post on leveraging a newly discovered filetype extension with the possibility of command execution. This was a fantastic blog, and as attackers, we typically try to find multiple ways to execute code from different delivery systems. This blog is leveraging the awesome research from Matt and...
  • Browse by Category

  • Clear Form