<p>TL;DR: Define the goal of an assessment. Take time to choose the right assessment type. The more detail you give about an asset, the better quality your report will be. Select the right environment for the…</p>
<p>We're back with another post about common malware techniques. This time we are talking about setting Windows hooks. This is a simple technique that can be used to log keystrokes or inject code into remote processes. We…</p>
<p>1 Introduction. Web browsers are common targets for many different APTs. Tools like Redline Malware or penetration testing tools such as SharpChrome or SharpChromium steal sensitive data like cookies and saved login…</p>
<p>Lately I have been working with Velociraptor for its endpoint and digital forensic capabilities and specifically spent time in many cases in the past two years with Velociraptor Offline Collector functions to gather…</p>
<p>As an incident unfolds, skilled threat hunters with a special talent for uncovering hidden threats stand at the ready. These hunters smoke jump into the chaos and meticulously sift through network logs and endpoint…</p>
<p>Introduction. Phishing. We all love phishing. This post is about a new phishing technique based on some legacy knowledge I had that can be used to get past email filters and such. I would expect that after publication,…</p>
<p>Use of Targeted Risk Analysis (TRA) is a PCI best practice until March 31, 2025, at which time it becomes required for several controls across many assessment types. Unlike many other new controls, this applies as much…</p>
<p>1.1 Introduction. A hopefully rare scenario that gives red teamers a mini heart-attack is a sudden check-in from a new agent: admin on ALICE-PC. If a blue teamer has managed to get hold of a payload used on an engagement…</p>
<p>Figure 1: Every government contractor when they hear about CUI. Contractors and subcontractors working for the US Federal Government (as well as some other unrelated organizations) may encounter contract clauses that…</p>
<p>There exist a few singular Registry changes that any non-privileged user can make that transform the Outlook email client into a beaconing C2 agent. Given that outlook.exe is a trusted process, this allows an attacker…</p>
<p>I want to applaud the PCI Security Standards Council (PCI SSC) for FAQ 1572 published in March of 2024 for simply and effectively answering a question asked by countless assessors for several years. The question is: Can…</p>
<p>Have you ever felt frustrated about security compliance? Well, you're not alone. We've all got some kind of 'Kryptonite' when it comes to Compliance. I asked some of our InfoSec auditors to share their Kryptonite. Their…</p>
<p>This post was written by John Dwyer, Director of Security Research at Binary Defense, and made possible through the contributions of TrustedSec Senior Research Analyst Kevin Haubris and Eric Gonzalez of Binary…</p>
<p>Welcome back to another round of "Hiding in Plain Sight," exploring weird places to stash data or payloads. In our last edition, we explored an easy method of encoding a payload into RGB values of a PNG file and hosting…</p>
<p>Buckle up! This is a different type of blog that isn’t our normally scheduled technical prowess or superhuman talents we have here at TrustedSec. Each month, I have the privilege of hosting a meeting with new employees…</p>
<p>With the introduction of WPA3, it is becoming increasingly difficult to successfully exploit a wireless network. One of the main enhancements introduced in WPA3 is the Simultaneous Authentication of Equals (SAE) model.…</p>
<p>The new version 4.0 of the PCI DSS standard that applies to organizations that handle payment cards is now mandatory as of April 01, 2024. As a QSA, I’ve heard rumblings about organizations that moved their annual PCI…</p>
<p>It was my second Physical Penetration Test here at TrustedSec and I was paired with colleague Paul Burkeland. After arriving at the hotel, Paul stated that he needed 16 AA batteries, so we went to the local CVS. I was…</p>
<p>Have you ever attended a security conference (or any conference for that matter) and thought about giving a presentation yourself, but don't know where to start? Well, I am here to help! This blog post will guide you…</p>
<p>There is an old axiom that goes something like “If an enemy has physical access to your box, it is no longer your box”. With enough time, and barring well-implemented cryptography, someone will get to the data on the…</p>