GDPR // Five Important Considerations

August 21, 2017 | By:

The EU General Data Protection Regulation (GDPR) is a regulation that was approved in 2016 and scheduled to be enforced by May 25, 2018. Many customers ask, what is GDPR? It was developed to strengthen the rights of individuals in the European Union (EU). The regulation was implemented to control EU citizens’ personal data and…

Attacking Self-Hosted Skype for Business/Microsoft Lync Installations

August 11, 2017 | By:

TL;DR: How to attack self-hosted Skype for Business (Lync) servers. If you’re using O365 wait for the next post. Note: For the sake of brevity throughout this post, Skype for Business and Microsoft Lync will both be referred to under the umbrella designation of ‘Skype4B’. When companies choose to host Skype for Business (previously Microsoft…

TrustedSec Expands with Four New Additions

August 08, 2017 | By:

TrustedSec continues to grow based on reputation, brand, and most importantly the services we provide to our customers. We have added four amazing new members for both the Force team (our technical crew) and the Advisory Services (PCI, Office of CISO, and Risk Assessment) group. New additions to the team (alphabetical order): Jason Lang (@curi0usJack),…

PCI Inventory List of Assets

August 08, 2017 | By:

The Payment Card Industry Data Security Standard (PCI DSS) requires that an inventory of system components (PCI Req. 2.4: Complete Inventory List) is maintained. This requirement was a requirement as of PCI DSS 3.0. Good governance would suggest that maintaining these documents are part of the process of onboarding and offboarding applications, systems, etc. Maintaining…

Faux Ransomware Does Damage – WSJ

July 26, 2017 | By:

  Cyberattack wasn’t intended to extort money, rather aimed to cripple businesses… This week’s global virus outbreak that grounded airplanes in Ukraine, slowed FedEx courier deliveries in Europe and disrupted Maersk container ships around the world was devised simply to damage businesses, not earn profits for the hackers behind it, security experts now believe.

Computer Hackers Increasingly Eyeing ‘Smart Appliances’, Featuring Christopher Prewitt & Alex Hamerstone – Cleveland 19 News

July 24, 2017 | By:

Computer Hackers Increasingly Eyeing ‘Smart Appliances’ – Cleveland 19 News   CLEVELAND, OH (WOIO) -The Black Hat and Defcon cyber security conventions get underway this week in Las Vegas. Tens of thousands of computer experts will be gathering to discuss the latest threats and trends. They’ll also be receiving training to help businesses and consumers better protect their vital…

New Tool Release: NPS_Payload

July 23, 2017 | By:

Over the past year, we have seen a lot of research come out which highlights several of Microsoft’s native binaries which can be leveraged by an attacker to compromise or gain access to a system. One of these binaries, msbuild.exe, has proven very reliable in allowing us to gain a shell on a host in…