Principal Research Analyst
Over 14 years of experience in software development and 10 years in Information Security. Experience range from Material Handling, Banking, to the Defense Industry.
Education & Certifications
- BS in Computer Engineering, University of Cincinnati.
- Masters in Computer Science with a focus on Cyber Informatics, University of Cincinnati.
- GIAC Reverse Engineering Malware (GREM)
Passion for Security
Scott has always been fascinated with computers and software. He started programming in Elementary and has never stopped. Scott is passionate about learning the internal workings of software and systems. This led to Reverse Engineering, Malware, exploits and CTF.
Recent Blog Posts
1 Deep Dive into an ESXi Ransomware TrustedSec’s Nick Gilberti wrote a great blog covering the ESXi ransomware’s shell script here. However, in this blog, we are going to dive a little deeper into the code behind this ransomware. The sample ransomware discussed was acquired from VirusTotal and Bleeping Computers forum. The following is a...
1 Analysis of OneNote Malware A lot of information has been circulating regarding the distribution of malware through OneNote, so I thought it would be fun to look at a sample. It turns out there are a lot of similarities between embedding malicious code into a OneNote document and the old macro/VBA techniques for Office...
In this video, our Principal Research Analyst Scott Nusbaum goes over his research on LastPass Password Manager. He discusses how the credentials are exposed in memory to an attacker that is present on the host and is able to access the browser process. He also goes over on how LastPass could modify their extension to...
When it comes to attackers and organizations that are trying to defend themselves, there’s always an arms race between the two over who can get the upper hand. An Ebb and Flow There are times when a particular attack almost...
Join TrustedSec for our latest webinar on Thursday, July 1 at 1PM Eastern Recent attacks on corporations and government agencies to disrupt critical infrastructure have grabbed headlines across the media landscape in recent months. And while these stories capture some...