A Developer’s Introduction to Beacon Object Files

July 16, 2020
With the release of Cobalt Strike 4.1, a new feature has been added that allows code to be run in a more OPSEC friendly manner. This is implemented through what has been termed Beacon Object Files (BOFs). In this post, I will outline some of the less obvious restrictions of BOFs and share my workflow...

Using Azure to Address Endpoint Hygiene Management

July 14, 2020
Remote workers are set up, but endpoint management is still an issue. Setting up a remote workforce during the COVID-19 pandemic presented a huge challenge, especially trying to get so much done in such a short time frame. While getting extra Zoom licenses was likely pretty easy, there are more challenging issues surrounding remote sharing...

8 Keys to Writing Safer Code

July 9, 2020
All too often, security in code is an afterthought. There’s a reason that bug bounties are so prevalent; as codebases get larger, testing gets harder. Add in the time constraints of a “move fast and break things” mentality and it’s no wonder so many security issues arise. The basics might be there, encrypted connections, hashed...

Become The Malware Analyst Series: Malicious Code Extraction and Deobfuscation

July 7, 2020
In this video, Senior Incident Response & Research Consultant Scott Nusbaum demonstrates a method to extract and deobfuscate code from a malicious document. Upon rendering the code readable, Nusbaum works to gain an understanding of the goals the malware was attempting to accomplish and the processes by which it undertook that effort. This video is...

Microsoft MVP Awards 2020

July 2, 2020
Who are MVPs? According to Microsoft, “Most Valuable Professionals, or MVPs, are technology experts who passionately share their knowledge with the community.” For more information on this award, visit the Microsoft MVP Overview page. Two members of the TrustedSec team are celebrating being recipients of the award from Microsoft—and both have received the honor in...

CVE-2020-2021: PAN-OS SAML Security Bypass

July 2, 2020
On June 29, 2020, Palo Alto released information on a Security Assertion Markup Language (SAML) authentication bypass, CVE-2020-2021. Palo Alto published the advisory PAN-148988 for a critical issue affecting multiple versions of PAN-OS. An Overview of the Vulnerability. Description: With network access to a device running a vulnerable version of PAN-OS and configured to use...