Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.
From Chaos to Clarity: Organizing Data With Structured Formats
1.1 IntroductionAbout a year ago, we introduced a logging utility into our internal tooling on the Targeted Operations team to standardize how we output…
Securing Sensitive Data: How Ransomware Challenges the Healthcare Industry
The healthcare industry is a prime target for ransomware attacks due to the critical nature of its services and the sensitive data it handles. This blog post…
From Error to Entry: Cracking the Code of Password-Spraying Tools
IntroductionFirst things first, all of the tools in this blog post are really great tools and I have used most of them. (Thanks to the authors of the tools to…
Failure to Restrict URL Access: It’s Still a Thing
Here are some brief thoughts about an old issue. If you are a full-time application security professional, stop reading. You know all about this, you know…
Introducing PCI's New Self-Assessment Questionnaire
The PCI DSS 4.0 transition deadline is approaching on April 01, 2024, and we have a new type of reduced-scope self-assessment questionnaire (SAQ) to go with…
Unwelcome Guest: Abusing Azure Guest Access to Dump Users, Groups, and more
Abusing Guest Access: Dumping User Lists and Group Membership with Guest Access in Azure ADThis post will walk through a user, group, and application…
Behind the Code: Assessing Public Compile-Time Obfuscators for Enhanced OPSEC
Recently, I’ve seen an uptick in interest in compile-time obfuscation of native code through the use of LLVM. Many of the base primitives used to perform these…
Weaponization of Token Theft – A Red Team Perspective
This blog is the start of several deep dives into the weaponization of token theft. The focus of this blog will be on conditional access around devices and…
MailItemsAccessed Woes: M365 Investigation Challenges
Email compromises within Microsoft 365 are too common these days. The TrustedSec Incident Response team receives a lot of calls to investigate M365 email…
CMMC NOPE: Why You Don’t Need to be CMMC Compliant
As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for…
Hardware Hacking: Plunder With a Bus Pirate
For this blog, I'm going to assume you have a Bus Pirate, you are able to access its terminal, and you are ready to use it—but what are you going to use it on?…
Offensive Lab Environments (Without the Suck)
WhatHave you ever been in an engagement where you need to test an evasive payload or technique, but you lack the time or resources to spin up a replica lab…
Loading...