Skip to Main Content

Scott Nusbaum

Principal Research Analyst

EXPERIENCE
Scott Nusbaum has over 25 years of experience in software development and 16 years in Information Security. He has experience ranging from material handling and banking to the defense industry.

EDUCATION & CERTIFICATIONS

  • Bachelor of Science, Computer Engineering, University of Cincinnati
  • Master of Science, Computer Science, Cyber Informatics, University of Cincinnati
  • Offensive Security Certified Expert (OSCE)
  • Offensive Security Exploit Developer (OSED)
  • Offensive Security Experienced Professional (OSEP)
  • GIAC Reverse Engineering Malware (GREM)

INDUSTRY CONTRIBUTIONS
Scott has contributed to InfoSec conferences to share his knowledge with the community, including Queen City Con 2023, Texas Cyber Summit 2023, the Ohio Information Security Forum, and as an Adjunct Instructor at the University of Cincinnati.

PASSION FOR SECURITY
Scott has always been fascinated with computers and software. He started programming in elementary school and has never stopped. Scott is passionate about learning the internal workings of software and systems. This led to reverse engineering, malware, exploits, and CTF.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Blog January 30 2024

Burrowing a Hollow in a DLL to Hide

1    Burrowing a Hollow in a DLL to Hide In this post about common malware techniques, we are still talking about hollowing—but this time, instead of hollowing…

Read about this article
Webinars July 01 2021

The Ransomware Environment: Going Beyond the Headlines

Join Kennedy and Nusbaum for this interactive webinar that will dive deeper into how these attacks are carried out and how organizations can be prepared.

Read about this article
Webinars March 08 2023

Who’s Winning the Red vs. Blue Team Arms Race

Join experts Adam Compton—Principal Penetration Testing Consultant, Phil Rowland—Remediation Practice Lead, and Scott Nusbaum—Principal Advanced Research…

Read about this article
Blog June 16 2023

Obfuscation Using Python Bytecode

1.1   Introduction I love when I get tossed a piece of unique malware. Most of the time, malware is obfuscated using PowerShell or a dropper written in C. This…

Read about this article
Blog May 30 2023

PPID Spoofing: It’s Really this Easy to Fake Your Parent

1 New Blog Series on Common Malware Tactics and Tricks This will be the first post in a series of blogs covering some common malware tactics and tricks. The…

Read about this article
Blog February 08 2023

ESXiArgs: The code behind the ransomware

1 Deep Dive into an ESXi Ransomware TrustedSec’s Nick Gilberti wrote a great blog covering the ESXi ransomware’s shell script here. However, in this blog, we…

Read about this article
Blog January 31 2023

New Attacks, Old Tricks: How OneNote Malware is Evolving

1    Analysis of OneNote Malware A lot of information has been circulating regarding the distribution of malware through OneNote, so I thought it would be fun…

Read about this article
Webinars December 18 2024

The Lost Underground

Join TrustedSec Principal Security Consultant Mike Felch for an eye-opening journey into the lost underground, where ingenuity, disobedience, and complexity…

Read about this article
Webinars December 04 2024

BEC Basics: Your First Step to Thwarting Email Scams

Join Senior Security Consultant Steven Erwin and Security Consultant Caroline Fenstermacher as they cover the basics of BEC analysis, providing participants…

Read about this article
Blog December 03 2024

Discovering a Deserialization Vulnerability in LINQPad

Like most red teamers, I spend quite a lot of time looking for novel vulnerabilities that could be used for initial access or lateral movement. Recently, my…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.