Dumping Embedded Java Classes

September 06, 2018 | By:

A few months ago, I came across a piece of Java malware. This was a nice change of pace for me, since most of what I see is written in C/C++. The malware was heavily obfuscated using a common tool, Allatori v5.3. After working my way manually through decoding, I came to a point where…


TrustedSec Podcast Episode 3.2 – Airlines: E-mail and Intel

September 14, 2018 | By:

Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, Hans Lakhan, Justin Bollinger, and introducing Logan Sampson Title: British Airways breach caused by the same group that hit Ticketmaster URL: https://www.zdnet.com/article/british-airways-breach-caused-by-the-same-group-that-hit-ticketmaster/ Author: Catalin Cimpanu Title:…


TrustedSec Podcast Episode 3.1 – Another Epic? Struts Exploit and PHP

August 31, 2018 | By:

Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, Rob Simon, Justin Bollinger, and introducing Logan Sampson Title: Experts Urge Rapid Patching of Struts Bug URL: https://krebsonsecurity.com/2018/08/experts-urge-rapid-patching-of-struts-bug/ Author: Brian Krebs Title: Epic Games First Fortnite…


Making the InfoSec Rounds

August 30, 2018 | By:

Special thanks to mumblingsages for giving me the idea for this blog. Let’s face it, we in the information security industry like conferences and talks. I’d wager it’s not because we like to hear ourselves speak, but because it’s a great way to set aside a short amount of time and learn something new. I find…


TrustedSec CEO Discusses Fancy Bear, Phishing, and Sinkholes in WIRED

August 22, 2018 | By:

  Microsoft recently announced that it seized control of six domains owned by the Russian hacking group Fancy Bear, also known as APT28. TrustedSec CEO Dave Kennedy provided his thoughts on a specific technique used to uncover the group’s phishing attempts in a WIRED magazine article.


Tech Support Scams Are A Concern For All

August 20, 2018 | By:

Like many of you, I am the IT support for family and friends. As such, I get lots of calls concerning slow browsers, printers that won’t work, and questions that take me a few seconds to Google the answer to. However, in the last few weeks, I’ve gotten a few calls with a similar story….


TrustedSec Podcast Episode 3.0 – Why it matters where you put your luggage in Vegas

August 17, 2018 | By:

Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Geoff Walton, Rob Simon, Justin Bollinger, Ben Mauch, and David Boyd Title: Vegas – Where Thugs Come Into Your Room And Search Your Stuff https://www.secjuice.com/defcon-hotel-security-fiasco/amp/?__twitter_impression=true Author: Infosec Scribe…


TrustedSec CEO Talks Election Security with The Takeaway

August 14, 2018 | By:

How vulnerable are voting machines to hacking? DEFCON26, the world’s longest running and largest hacking conference, brings this topic back into the spotlight. Dave Kennedy joins The Takeaway to explain concerns nation-wide for the election process and more! Listen to the full interview here


Jason Lang on The Tech Night Owl Podcast

August 11, 2018 | By:

This episode presents ethical hacker Jason Lang of TrustedSec, who reports on the goings at a major hacking conference known as Black Hat. It’s one of the top cybersecurity events where a ton of new vulnerabilities and hacker tricks are revealed. This year, as usual, they are revealing new attacks on smartphones, wearables, computers and other personal…


Breaking Down the PROPagate Code Injection Attack

August 08, 2018 | By:

What makes PROPagate unique is that it uses Windows APIs to take advantage of the way Windows subclasses its window events. Check out Senior Security Consultant, Scott Nusbaum’s commentary on DarkReading. Read the full article here