We share our expertise to make the world a safer place.
InfoSec moves at a rapid pace and sometimes it’s hard to keep up—that’s where we enter the chat.
Discover current cybersecurity insights
Get vital information straight from the experts, without all the noise.
The Lost Underground
Join TrustedSec Principal Security Consultant Mike Felch for an eye-opening journey into the lost underground, where ingenuity, disobedience, and complexity…
BEC Basics: Your First Step to Thwarting Email Scams
Join Senior Security Consultant Steven Erwin and Security Consultant Caroline Fenstermacher as they cover the basics of BEC analysis, providing participants…
Discovering a Deserialization Vulnerability in LINQPad
Like most red teamers, I spend quite a lot of time looking for novel vulnerabilities that could be used for initial access or lateral movement. Recently, my…
A 5-Minute Guide to HTTP Response Codes
If you've done any network scanning or application testing, you've run into your fair share of HTTP response codes. If not, these codes will show up in most…
Navigating Compliance: FCI and CUI Requirements for Federal Contractors
TrustedSec Advisory Compliance Services Practice Lead Chris Camejo provides a comprehensive overview of the definition, scope, and protection requirements for…
Security Noise - Episode 7.6
Ghost in The Machine: Hardware Hacking w/ Rob Simon
Attacking JWT with Self-Signed Claims
JSON Web Tokens (JWTs) are a widely used format for applications and APIs to pass authorization information. These tokens often use a JSON Web Signature (JWS)…
EKUwu: Not just another AD CS ESC
Update November 12, 2024 - This vulnerability has been patched. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49019This post was originally…
Ask Me Anything: Mobile Security
Join our expert panel led by TrustedSec Mobile Testing Practice Lead Rob Simon, Principal Consultant Drew Kirkpatrick, and Senior Security Consultant Whitney…
Detecting CVE-2020-0688 Remote Code Execution Vulnerability on Microsoft Exchange Server
In February 2020, Microsoft released a patch for all versions of the Microsoft Exchange server. This patch fixes a Remote Code Execution flaw that allows an…
Security Noise - Episode 7.5
The Rootin’ Tootin’ Best of Wild West Hackin’ Fest
Ask Me Anything: Advanced Cloud Pen Testing Scenarios
Join TrustedSec Force Cloud Security Practice Lead Paul Burkeland, along with Principal Security Consultant Mike Felch and Security Consultants Edwin David and…
Loading...
Get our best blogs, latest webinars, and podcasts sent to your inbox.
Our monthly newsletter makes it easy to stay up-to-date on the latest in security.
