TrustedSec

<p>Windows Server Update Services (WSUS) is a trusted cornerstone of patch management in many environments, but its reliance on HTTP/HTTPS traffic makes it a prime target for attackers operating on the local network. By…</p>

<p>A major step on the CMMC rollout timeline was completed recently as the regulatory change that will create the CMMC contract clause made its way to the Office of Information and Regulatory Affairs (OIRA). This post…</p>

<p>Password-spraying is a popular technique which involves guessing passwords to gain control of accounts. This automated password-guessing is performed against all users and typically avoids account lockout since the…</p>

<p>Many organizations don’t understand that not all health information is PHI and apply HIPAA more broadly than is required. This has implications for which organizations are considered Business Associates (because an…</p>

<p>Ransomware attackers frequently target backups and recovery systems to force victims into paying ransoms, making robust protection strategies essential for all organizations. This blog introduces the Defensive Backup…</p>

<p>It's that feeling of your nerves being stretched like sinew over mounting expectations and due dates. When your attention keeps an exhausted but stubborn focus on an ever-shifting goal because there is always one more…</p>

<p>Many DoD contractors are struggling to understand what requirements will apply to them once CMMC rolls out. CMMC defines three levels, but CMMC Level 2 may allow a self-assessment or may require a third-party…</p>

<p>Implementing CMMC and other Controlled Unclassified Information (CUI) protection obligations depends on the accurate identification of CUI, and in some cases also depends on the identification of the CUI categories and…</p>

<p>Defense subcontractors may already be seeing CMMC clauses in their contracts, even though the CMMC contracting procedures and contract clause have yet to be finalized (as of this post in August 2025). However, the…</p>

<p>Plenty of people know how to toss an IP address and port list into Excel for sorting and searching but don’t get a chance to take it to a deeper level. Excel pivot tables are a great next step to explore, offering a…</p>

<p>We have arrived at our final stage of metamorphosis, taking our pupa and morphing it into a hacking machine. Let's finish this journey. Geared Up Pupa In the first blog, we took various MaxiProx builds and attempted to…</p>

<p>Understanding the Value of Findings Clients Often QuestionIn some report readouts, we may encounter situations where a client looks at a web application report and asks, “Why are you even reporting that?” This blog…</p>

<p>Attackers are getting increasingly creative—not just with their payloads, but with how they deliver and operate them. In a recent Incident Response engagement, TrustedSec investigated a case involving an attacker who…</p>

<p>Organizations in the health care sector and those that work with it often hear about HIPAA, HITECH, and HITRUST compliance but may not understand what they all are and what they have to do with each other. This post…</p>

<p>The Azure Front Door Web Application Firewall (WAF) has an "IP restriction" option that can be bypassed with the inclusion of an HTTP header. What's worse? This is actually expected behavior. Figure 1 - WHY???…</p>

<p>While digging into the internals of my new Lenovo ThinkPad P1 Gen7, I came across an unexpected discovery that quickly escalated from curiosity to a viable privilege escalation vulnerability.  Every day at exactly…</p>

<p>In this post, we’ll be exploring a practical technique for abusing Chrome Remote Desktop (also known as Google Remote Desktop) within a Red Team operation. I sometimes find myself needing to use legitimate software to…</p>

<p>As a Senior Security Consultant and National Institute of Standards and Technology (NIST) expert, the question I get asked the most is, how do we compare scores and maturity ratings from version 1.1 to version 2.0?…</p>

<p>Take a closer look at JWT signature verification using X.509 headers as we walk through an attack and demonstrate a Burp extension to exploit a known vulnerability by targeting two headers used in some JWT setups.</p>

<p>Figure 1 - We take our work very seriously. Capturing Hashes with DragonHashChromium-based browsers have an odd feature set that allows extensive drag-and-drop capabilities in the browser. This feature is not only…</p>