Senior Incident Response Consultant
Shane has been working in computer technology and information security for over 20 years. Some of his recent work includes performing specialized incident analysis on the latest cybercrime activities, producing actionable threat intelligence.
Education & Certifications
BA, Business and E-Commerce, University of Phoenix
MS, Digital Forensics, University of Central Florida
Certified Information Security Professional (CISSP)
Tampa Bay Chapter of (ISC)²
Author, Android Malware and Analysis – 2014
BSides Tampa Presentation – Android Malware and Analysis – 2015
BSides Tampa Presentation – NFC Your Smart Phone’s Best Friend or Worst Nightmare – 2017
Video Course – Metasploit Unleashed – 2020
BSides Tampa Presentation – IOT Insecurities – 2022
Passion for Security
Shane continually shares his industry knowledge through publications and public presentations. Additionally, he is a part-time adjunct professor at the University of South Florida, teaching classes such as Ethical Hacking and Digital Forensics.
Recent Blog Posts
Threat Overview Around February 03, 2023, a ransomware campaign called “ESXiArgs” emerged that targeted Internet-facing VMware ESXi servers running versions older than 7.0. Though not confirmed, it has been reported by the French CERT (CERT-FR), BleepingComputer, and other sources that the campaign leverages CVE-2021-21974, which is a three-year-old vulnerability in the OpenSLP component of the...
In the first Back to Basics blog we discussed cyber hygiene and some fundamental security practices one can take to quickly assess their current cybersecurity posture and identify, prioritize, and mitigate visibility gaps. This post focuses on account management measures and how proactive identification and regulation can drastically elevate your security posture. Routine cyber hygiene...
TrustedSec’s Incident Response Team sent urgent communications to all IR retainer clients after the discovery of the compromise of Okta. Below are the recommendations provided with additional updates after reviewing more information on 03/23/2022. On March 22, 2022, the threat group LAPSUS$ announced a successful compromise of Okta, a heavily used identity and access management...
Another Penetration Test? Penetration testing your environment is one of the most important tasks an organization can perform. It is part of every regulation and industry security standard for good reason. However, there are times when performing a penetration test...