CEO David Kennedy discusses Draft Security on CNBC’s The Exchange

July 08, 2019 | By:

The hacking advisor for the Cleveland Cavaliers, Dave Kennedy joins The Exchange on how NBA franchises are protecting their game strategy and players’ data.

CEO David Kennedy quoted in WIRED regarding ransomware and local government

July 01, 2019 | By:

“There’s definitely an increase or uptick in the amount of ransomware campaigns that we’re seeing out there, but it’s not specific to municipalities or state or federal organizations, it’s just pretty much across the board in every industry vertical,” David Kennedy in this WIRED feature published in light of attacks on local and municipal governments…

CEO Dave Kennedy provides insights to WSJ in ‘NBA Strives to Protect Secrets From Hackers’

June 10, 2019 | By:

Information teams store about their athletes, prospects and fans, can entice hackers, said David Kennedy in this Wall Street Journal article. “There’s a lot of money involved in this now, particularly with the legalization of gambling, where any type of inside information, forecasting or understanding of what an organization is doing can yield a high…

Tracing DNS Queries on Your Windows DNS Server

July 16, 2019 | By:

During a recent engagement, I successfully deployed a wildcard Domain Name System (DNS) record in conjunction with Responder. Within minutes, a misconfigured host made a query for a non-existent DNS record and was poisoned into connecting to our Responder instance. Unfortunately, the account was privileged enough that domain compromise was achieved. The techniques and tools…

Webinar: Network Segmentation for the Rest of Us! How to get your segmentation project moving toward zero trust.

July 16, 2019 | By:

Join us Wednesday, July 24 at 1:00PM Eastern The idea of segmenting your network is not new. However, even in 2019, we still see companies with flat networks ripe for attack. This provides a much greater opportunity for malicious actions or even accidental incidents to occur. The benefits are clear. Splitting up your network into…

Mobile Hacking: Using Frida to Monitor Encryption

July 09, 2019 | By:

This post will walk you through the creation of a Frida script that will be used to demonstrate the usage of the Frida Python bindings. The Frida script will be used to monitor encryption calls and capture details about the encryption type and keys in use. We will learn how to send messages from Frida…

TrustedSec Podcast Episode 3.16 – Pay the Ransoms

July 05, 2019 | By:

Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, Hans Lakhan, Alex Hamerstone and David Boyd Title: Firms That Promised High-Tech Ransomware Solutions Almost Always Just Pay the HackersURL: Author: Renee Dudley and Jeff…

Microsoft MVP Awards 2019

July 02, 2019 | By:

Who are MVPs? Microsoft Most Valuable Professionals, or MVPs, are technology experts who passionately share their knowledge with the community. For more information on this award, visit the Microsoft MVP Overview page. According to Microsoft, MVPs “are always on the ‘bleeding edge’ and have an unstoppable urge to get their hands on new, exciting technologies.”…

Webinar: Attack Simulation TTPs: Group Policy and Audit Setting Enumeration with Carlos Perez

June 11, 2019 | By:

This was recorded on Wednesday June 19th at 1PM Eastern Situational awareness is key when one lands access on a target system as part of an attack simulation. Knowing what controls are present and which are likely present allows performance of a proper threat assessment for the access that has been obtained. This information is…

On the possibility of obfuscating code using neural networks

June 11, 2019 | By:

In this blog post, I will cover the current state of my research investigating the possibility of using neural networks to hide shellcode. But before we dig in, I will provide a little background information. For those unfamiliar with neural networks, they are a type of computer system design that is inspired by how human…