Linux: How’s My Memory

September 18, 2018

Windows in-memory injection is commonplace in current toolsets; there are quite a few methods to do it, and most of them are documented pretty well. Linux in-memory injection is essentially the same, but it is not seen in toolsets quite as much. That is why, for this post, I am going to cover four different open-source methods…


Full Disclosure: Microsoft Lync for Mac 2011 susceptible to forced browsing / download attack

September 13, 2018

What is it? An attacker can force a user who is logged in with Microsoft Lync for Mac 2011 (< v14.4.3) to browse to a URL of their choice via a specially crafted instant message. This vulnerability exists due to poor input sanitization in the processing of message content submitted via PowerShell and the Lync…


Dumping Embedded Java Classes

September 06, 2018

A few months ago, I came across a piece of Java malware. This was a nice change of pace for me, since most of what I see is written in C/C++. The malware was heavily obfuscated using a common tool, Allatori v5.3. After working my way manually through decoding, I came to a point where…


Making the InfoSec Rounds

August 30, 2018

Special thanks to mumblingsages for giving me the idea for this blog. Let’s face it, we in the information security industry like conferences and talks. I’d wager it’s not because we like to hear ourselves speak, but because it’s a great way to set aside a short amount of time and learn something new. I find…


Tech Support Scams Are A Concern For All

August 20, 2018

Like many of you, I am the IT support for family and friends. As such, I get lots of calls concerning slow browsers, printers that won’t work, and questions that take me a few seconds to Google the answer to. However, in the last few weeks, I’ve gotten a few calls with a similar story…


Don’t Delay, Migrate Today (Away from SSL/Early TLS)

August 08, 2018

For those tempted to delay migration away from Secure Sockets Layer (SSL)/early Transport Layer Security (TLS)—don’t wait! This includes all versions of SSL and version 1.0 of TLS (TLS v1.1 and newer are fine). For Payment Card Industry Data Security Standard (PCI-DSS) compliance, you can’t simply migrate sometime before your next PCI audit. Rather, you…


Top 8 To-Dos for IoT Security

August 01, 2018

Let’s say you run an operational environment and you’ve spent years figuring out how to keep your production processes and core, life-enabling systems running at high efficiency and efficacy. But now, your IT group wants to connect your production and control systems to outside networks as part of new “IoT” (Internet of Things) initiatives. You…


Preparing for (IoT) Segmentation: Six Steps to Get Your Functional Requirements Right

July 12, 2018

Recently, a client of ours expressed interest in segmenting their existing, flat network. Non-segmented networks of this kind are still very prevalent, especially in the manufacturing, supply chain, and medical verticals. The primary reason the organization wished to move on this initiative was in an effort to reduce the scope of their…


How IoT and Digitization Are Driving Renewed Demand for Segmentation

July 11, 2018

Background: The idea of segmentation is pretty simple: put your crown jewels (i.e. your highest risk assets) in a small container, then heavily secure and monitor that. It is simply too difficult to secure everything equally. Why now? With “digital” drivers to improve experiences, automate operations or change business models, there is now a need…


Building a “Quick” Lab Environment with Linux Containers

July 03, 2018

As a penetration tester, I often need to stand up small environments (and sometimes not so small) for a few different reasons—to try things out before making a mess of a client’s production system, to avoid being detected, or to use it simply for our own practice. A lot of us at TrustedSec are remote,…