Scott Nusbaum

Principal Research Analyst

Experience

Over 14 years of experience in software development and 10 years in Information Security. Experience range from Material Handling, Banking, to the Defense Industry.

Education & Certifications

  • BS in Computer Engineering, University of Cincinnati.
  • Masters in Computer Science with a focus on Cyber Informatics, University of Cincinnati.
  • GIAC Reverse Engineering Malware (GREM)

Passion for Security

Scott has always been fascinated with computers and software. He started programming in Elementary and has never stopped. Scott is passionate about learning the internal workings of software and systems. This led to Reverse Engineering, Malware, exploits and CTF.

Recent Blog Posts

ESXIArgs ransomware code

ESXiArgs: The code behind the ransomware

By Scott Nusbaum
In Incident Response, Incident Response & Forensics
1 Deep Dive into an ESXi Ransomware TrustedSec’s Nick Gilberti wrote a great blog covering the ESXi ransomware’s shell script here. However, in this blog, we are going to dive a little deeper into the code behind this ransomware. The sample ransomware discussed was acquired from VirusTotal and Bleeping Computers forum. The following is a...
Read
TrustedSec Security Blog OneNote Malware Analysis

New Attacks, Old Tricks: How OneNote Malware is Evolving

By Scott Nusbaum
In Incident Response, Incident Response & Forensics, Malware Analysis, Office 365 Security Assessment, Purple Team Adversarial Detection & Countermeasures, Threat Hunting
1    Analysis of OneNote Malware A lot of information has been circulating regarding the distribution of malware through OneNote, so I thought it would be fun to look at a sample. It turns out there are a lot of similarities between embedding malicious code into a OneNote document and the old macro/VBA techniques for Office...
Read

LastPass Security Vulnerability: How Credentials are Accessed in Memory

By Scott Nusbaum and Carlos Perez
In Penetration Testing, Research, Security Testing & Analysis
In this video, our Principal Research Analyst Scott Nusbaum goes over his research on LastPass Password Manager. He discusses how the credentials are exposed in memory to an attacker that is present on the host and is able to access the browser process. He also goes over on how LastPass could modify their extension to...
Read
View all posts from Scott

Recent Webinars

Who's winning the Red Vs. Blue Arms Race? TrustedSec webinar

Who’s Winning the Red vs. Blue Team Arms Race

When it comes to attackers and organizations that are trying to defend themselves, there’s always an arms race between the two over who can get the upper hand. An Ebb and Flow There are times when a particular attack almost...
Watch

The Ransomware Environment: Going Beyond the Headlines

Join TrustedSec for our latest webinar on Thursday, July 1 at 1PM Eastern Recent attacks on corporations  and government agencies to disrupt critical infrastructure have grabbed headlines across the media landscape in recent months. And while these stories capture some...
Watch
View all webinars from Scott

Recent Podcasts

TrustedSec Security Podcasts

LastPass the Last Time Honest (Well Maybe)

May 28, 2023

Because 4.13 Could Never Have Brought Us Luck

May 28, 2023

Happy Fourth!

May 28, 2023

Want to work with Scott Nusbaum or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us