Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.
The Dangers of Transition Mode
Discover the security vulnerabilities of WPA3 networks, learn how to identify and exploit them, and discover how to remediate them to protect your network from…
Playing Games with PCI Compliance Deadlines
The new version 4.0 of the PCI DSS standard that applies to organizations that handle payment cards is now mandatory as of April 01, 2024. As a QSA, I’ve heard…
Let’s Clone a Cloner...To Meet My Needs
It was my second Physical Penetration Test here at TrustedSec and I was paired with colleague Paul Burkeland. After arriving at the hotel, Paul stated that he…
Tips and Tricks on Creating Your First Conference Talk
Have you ever attended a security conference (or any conference for that matter) and thought about giving a presentation yourself, but don't know where to…
Hands On with Chip Off Non-Volatile Memory
Installing memory modules on donor boards requires precision and patience, involving heat damage prevention, thermal shock reduction, and precise soldering…
Everything You Need to Know About jQuery and its Vulnerabilities
IntroductionJavaScript is used in some way on almost all modern web applications. There are several popular libraries that websites utilize, and each come with…
Introducing The Shelf
The Shelf
Missing: Data Classification
Picked Last AgainData Classification is generally missing from many Information Security programs, unfortunately. The growth and maturity of most security…
Assumed Breach: The Evolution of Offensive Security Testing
Assumed Breach assessments simulate a compromised internal network, helping organizations strengthen security posture by identifying vulnerabilities and…
JS-Tap Mark II: Now with C2 Shenanigans
JS-Tap 2.0 offers a custom payload C2 system, allowing users to execute custom JavaScript payloads on clients, with features like autorun, repeat payload, and…
Introducing Meta-Detector
In this blog post, I’m going to discuss a new Open-Source Intelligence (OSINT) tool I created to assist with collecting information about target organizations…
Most Reported Web Findings of 2023
I reviewed the findings from the application and API assessments that the TrustedSec Software Security Team conducted during 2023 to see what issues we were…
Loading...