Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.

A Hitch-Hacker's Guide To DACL-Based Detections - The Addendum
This blog was co-authored by TAC Practice Lead Megan Nilsen and Andrew Schwartz. 1 Introduction: Last year, Andrew and I posted a four (4) part blog series…

Observations From Business Email Compromise (BEC) Attacks
Since joining TrustedSec, I have gotten to work numerous cases, and each of them is like unraveling a mystery to get at the truth—especially the situations…

From Chaos to Clarity: Organizing Data With Structured Formats
1.1 Introduction: About a year ago, we introduced a logging utility into our internal tooling on the Targeted Operations team to standardize how we output…

Securing Sensitive Data: How Ransomware Challenges the Healthcare Industry
The healthcare industry is a prime target for ransomware attacks due to the critical nature of its services and the sensitive data it handles. This blog post…

From Error to Entry: Cracking the Code of Password-Spraying Tools
Discover how to effectively onboard MFA for Office 365 users with MSOLSpray, and unlock remote access with our expert guide.

Failure to Restrict URL Access: It’s Still a Thing
Discover feature flags and modify responses using Burp Suite's Match and Replace rules or Reshaper plugin to enhance your web application testing capabilities.

Introducing PCI's New Self-Assessment Questionnaire
The PCI DSS 4.0 transition deadline is approaching on April 01, 2024, and we have a new type of reduced-scope self-assessment questionnaire (SAQ) to go with…

Unwelcome Guest: Abusing Azure Guest Access to Dump Users, Groups, and more
Enumerate Azure AD users and groups with guest access, exploiting default settings to reveal hidden user lists and group membership.

Behind the Code: Assessing Public Compile-Time Obfuscators for Enhanced OPSEC
LLVM obfuscation passes show minimal impact on native executable detection rates, with some exceptions.

Weaponization of Token Theft – A Red Team Perspective
This blog is the start of several deep dives into the weaponization of token theft. The focus of this blog will be on conditional access around devices and…

MailItemsAccessed Woes: M365 Investigation Challenges
F5 Compliance add-on helps investigate email attacks, providing Mailbox Audit Logs (MALs) and insights into Create, Update, and other events for a more…

CMMC NOPE: Why You Don’t Need to be CMMC Compliant
As a Cybersecurity Maturity Model Certification Registered Practitioner Organization (CMMC-RPO), TrustedSec fields many requests from organizations looking for…