Tyler Hudak

On May 31, 2023, Progress Software released a security bulletin concerning a critical vulnerability within MOVEit Transfer, a widely used secure file transfer system. According to Shodan, over 2500 servers running this software are on the Internet. TrustedSec has performed analysis on the vulnerability and post-exploitation activities. CVE-2023-34362 has been assigned to this vulnerability. This...

Threat Overview Around February 03, 2023, a ransomware campaign called “ESXiArgs” emerged that targeted Internet-facing VMware ESXi servers running versions older than 7.0. Though not confirmed, it has been reported by the French CERT (CERT-FR), BleepingComputer, and other sources that the campaign leverages CVE-2021-21974, which is a three-year-old vulnerability in the OpenSLP component of the...

tl;dr Communications are critical during an incident. If you cannot coordinate, collaborate, and inform actions and information about an incident, the incident response will eventually fail. Normally, this isn’t an issue, as organizations have resources like Microsoft 365 email, SharePoint, Slack, and Teams to use to communicate with each other. However, what happens when those...

Panelists: Carlos Perez, Liz Waddell  Guest: Tyler Hudak  Keeping pace with the rapidly evolving cybersecurity industry while comprehending the bigger picture is a challenge for every security practitioner. Effectively translating insights into practical improvements for your craft and security team...

Threat hunting is an essential component of any modern security program, providing a proactive approach to detecting threats. As attackers become more sophisticated, it’s crucial to go beyond entry-level techniques and tactics. However, most webinars and trainings on threat hunting...

Presented by TrustedSec & Binary Defense on December 14, 2021. During this live webcast we are covering the latest news and guidance on the Log4j vulnerability and what organizations can do to detect and respond to it. We will discuss...