TrustedSec

<p>If you’ve administered Active Directory (AD) for any significant time, chances are you’ve come across the primaryGroupID attribute. Originally developed as a method for AD to support Portable Operating System Interface…</p>

<p>TL;DR, gimme the goods: https://github.com/hoodoer/ColonelClusteredExtension has been submitted to the Bapp store, awaiting approval.This is a Burp Suite extension I’ve been meaning to write for many years, yet somehow…</p>

<p>The CMMC program contains complex, and potentially confusing, scope requirements. Contractors that are preparing for a CMMC assessment will need to pay close attention to these requirements to achieve compliance. This…</p>

<p>Over the past few weeks I’ve been spending a significant amount of time updating the Sysmon Community Guide. This wasn’t driven by theory, trends, or what 'should' work on paper. It was driven by what we keep seeing…</p>

<p>Before we dive in, let’s get all the TrustedSec Certified Absolutes out of the way:All software presents some level of inherent risk.Only required software that cannot live on other systems should be installed on Domain…</p>

<p>Everyone has a year-end list, and this is ours. See what our top-performing cybersecurity blogs were in 2025, there could be some you might have missed!</p>

<p>Password reuse is common in Active Directory (AD). From an attacker’s perspective, it is a reliable path to lateral movement or privilege escalation. Most IT teams recognize the risk, but longer passwords and password…</p>

<p>The TrustedSec PMA is a tactical approach to evaluating the components, efficiency, and overall maturity of an organization’s Information Security program.Unlike a traditional compliance audit, the PMA is designed as a…</p>

<p>Introducing a custom model for understanding privileged roles in Microsoft Entra ID, developed by TrustedSecWhenever our team conducts a Hardening Review of Microsoft Entra, 365, or Azure, we always emphasize protecting…</p>

<p>When it comes to reading (and editing) (and proofreading) technical documents, it's important to remember that the details are key, and can make all the difference. Not all readers of technical documents have technical…</p>

<p>Defense contractors are preparing their systems for the start of the upcoming CMMC rollout but what they may not have considered is how their relationship with Subcontractors and External Service Providers (ESPs),…</p>

<p>Discord Livestream In preparation for a talk, Jason Lang (@curi0usJack) and I were doing at MCTTP about mining TTPs from VX-underground, we both ended up doing research based on ideas we got from reading all the…</p>

<p>Password-spraying is a popular technique which involves guessing passwords to gain control of accounts. This automated password-guessing is performed against all users and typically avoids account lockout since the…</p>

<p>Service triggers can be a pentester’s secret weapon, letting low-priv users quietly fire up powerful services like Remote Registry and EFS. Learn how they can be activated with little to no code required.</p>

<p>Your Web Application Firewall (WAF) sees EVERYTHING. In this blog, we demonstrate how an attacker with access to Azure Front Door’s WAF and Log Analytics can potentially skim credentials from a site behind the WAF.</p>

<p>If your payment processor says they use “End-to-End Encryption” your PCI DSS compliance scope may be bigger than you expect. In this blog, we break down how E2EE fits—or doesn’t—into the PCI P2PE program.</p>

<p>In this blog, we explain how HIPAA’s Privacy, Security, Breach Notification, and Administrative Rules apply while clearing up common misunderstandings about who they cover.</p>

<p>Many teams working with health care providers receive requests to sign a Business Associate Agreement. In this blog, we break down HIPAA’s definition of a “Business Associate” to help you know if signing is necessary.</p>

<p>Handling health records doesn’t automatically make an organization a Covered Entity. In this blog, we help clear up common misconceptions so teams can better understand whether HIPAA truly applies.</p>

<p>Windows Server Update Services (WSUS) is a trusted cornerstone of patch management in many environments, but its reliance on HTTP/HTTPS traffic makes it a prime target for attackers operating on the local network. By…</p>