Principal Research Analyst
Over 14 years of experience in software development and 10 years in Information Security. Experience range from Material Handling, Banking, to the Defense Industry.
Education & Certifications
- BS in Computer Engineering, University of Cincinnati.
- Masters in Computer Science with a focus on Cyber Informatics, University of Cincinnati.
- GIAC Reverse Engineering Malware (GREM)
Passion for Security
Scott has always been fascinated with computers and software. He started programming in Elementary and has never stopped. Scott is passionate about learning the internal workings of software and systems. This led to Reverse Engineering, Malware, exploits and CTF.
Recent Blog Posts
1 Analysis of OneNote Malware A lot of information has been circulating regarding the distribution of malware through OneNote, so I thought it would be fun to look at a sample. It turns out there are a lot of similarities between embedding malicious code into a OneNote document and the old macro/VBA techniques for Office...
In this video, our Principal Research Analyst Scott Nusbaum goes over his research on LastPass Password Manager. He discusses how the credentials are exposed in memory to an attacker that is present on the host and is able to access the browser process. He also goes over on how LastPass could modify their extension to...
During an Incident Response case, the TrustedSec IR team came across a novel method used by an attacker to maintain access to the target’s servers. After gaining access to the systems, the attacker then modified a DLL required by a service to include malicious code. This video demonstrates a similar process for embedding malicious code...
Join TrustedSec for our latest webinar on Thursday, July 1 at 1PM Eastern Recent attacks on corporations and government agencies to disrupt critical infrastructure have grabbed headlines across the media landscape in recent months. And while these stories capture some...