Is Ohio Senate Bill 220 an Example for the Other 49 States?

May 16, 2019 | By:

Passing with 24 yeas and 8 nays, effective as of November 2, 2018, Ohio Senate Bill 220 was touted as a way to use the ‘carrot approach’ for organizations to increase cybersecurity. This incentive was to encourage the shielding of data breach liability for organizations in certain situations. Excerpts from the bill are provided below….


Owning O365 Through Better Brute-Forcing

May 14, 2019 | By:

TL;DR: User Enumeration is key. Done enumerating? Do more. The classic passwords still work. Once you get some credentials, get more. Office 365 (O365) has become a trend in organizations. More and more, administrators are offloading their mail to The Cloud™. No longer are admins shackled to their Exchange servers, executing patch after patch in…


TrustedSec Podcast Episode 3.14 – Pi

May 10, 2019 | By:

Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, Scott White, Justin Bollinger, and David Boyd! Stories Title: Exposing lockbox rental scam URL: https://www.cbs46.com/investigations/better_call_harry/better-call-harry-exposing-lockbox-rental-scam/article_d9a7242a-6ae4-11e9-bad4-b3ba30648147.html Author: Harry Samler (CBS46 Atlanta) Title: In a first, Israel responds…


Webinar: Container Security & Compliance

April 30, 2019 | By:

Please note that this webinar was recorded on May 15, 2019. A growing trend. Using containers has been an increasing trend over the years as most companies are leveraging services to streamline their development needs. As this trend grows, many security professionals struggle to effectively layer the organization’s compliance obligations into these environments. …with growing…


TrustedSec comments on potential hacking of local airport systems

April 29, 2019 | By:

On Sunday April 21, 2019, travelers at Cleveland’s Hopkins International Airport noticed that the screens typically displaying flight information were not functioning correctly. The Mayor’s office then commented that the airport is experiencing “isolated technical issues,” which did not affect flights to or from the airport. TrustedSec consultants including GRC practice lead Alex Hamerstone and…


TrustedSec Podcast Episode 3.13 – The Law, Passwords, 5G and GRC

April 26, 2019 | By:

Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, Rob Simon, Justin Bollinger, and David Boyd! Stories Title: The Feds Are Dropping Child Porn Cases Instead of Revealing Info on Their Surveillance Systems URL: https://reason.com/2019/04/24/the-feds-are-dropping-child-porn-cases-instead-of-revealing-info-on-their-surveillance-systems/…


Next Gen Phishing – Leveraging Azure Information Protection

April 25, 2019 | By:

In this blog post, I will go over how to use Azure Information Protection (AIP) to improve phishing campaigns from the perspective of an attacker. The idea came during an engagement where I was having trouble getting phishing emails into users’ inboxes without being caught by a sandbox on the way. During this engagement, it…


TrustedSec CEO David Kennedy on the prospect of hacking self-driving cars

April 23, 2019 | By:

Founder and CEO David Kennedy joins Fox Business to tackle multiple headlines related to Tesla and autonomous vehicles.


Invoice Fraud is Soaring – What you need to know

April 23, 2019 | By:

Organizations are losing thousands—and sometimes millions—of dollars from invoice fraud, which is also known as Business Email Compromise (BEC). At TrustedSec, we have seen a marked uptick in panicked, embarrassed, and/or angry folks reaching out to us for Incident Response and forensics work following a scam. Sometimes, organizations are able to recover some or all…


TrustedSec CEO Dave Kennedy discusses Assange Hacking on Fox Business

April 15, 2019 | By:

TrustedSec CEO Dave Kennedy appears on Neil Cavuto to discuss the history of Julian Assange and how his breaches have impacted domestic cybersecurity.