Windows LAPS: Closing a Gap for Cloud-Native Device Management

TL;DR: Microsoft is releasing an Azure AD integrated, built-in LAPS agent to Windows 10 and Windows 11 that can be controlled by Intune. Problem Statement: Migrating Windows endpoints to Intune-only management left gaps in controllable settings. An alternative for traditional Local Administrator Password Solution (LAPS) in an on-premises domain has been a primary…

The post Windows LAPS: Closing a Gap for Cloud-Native Device Management appeared first on TrustedSec.


Building a Strong Foundation With the Information Security Accelerator

Bottom Line Up Front: Common threats like malware, ransomware, web application hacking, insider and privilege misuse, and targeted intrusions don’t have to spell disaster. Mid-market companies and small-to-medium businesses (SMBs) can cut through the confusion of how to build a solid security program. Our Information Security Accelerator service is designed to help your organization chart…


Hardening Backups Against Ransomware

Human-operated ransomware represents a unique challenge to backup infrastructures. Unlike in other scenarios, ransomware attackers specifically target and attempt to destroy backup systems to increase the likelihood that a victimized organization will pay the ransom. This threat requires a different approach to securing backup infrastructure. The Old Ways Are Not Enough: Traditionally, enterprise backup infrastructures…


Scraping Login Credentials With XSS

Unauthenticated JavaScript Fun: In prior blog posts I’ve shown the types of weaponized XSS attacks one can perform against authenticated users, using their session to access and exfiltrate data, or perform actions in the application as that user. But what if you only have unauthenticated XSS? Perhaps your client hasn’t provided you with credentials to…


Is Cyber Insurance Becoming Worthless?

New challenges have emerged that make it difficult to transfer risk. Ransomware has changed the game: An overlooked yet increasingly important challenge in information risk management is finding the right balance between cybersecurity and cyber insurance. We continue to see organizations hit with ransomware from a variety of vectors, including spam emails, drive-by downloads,…


Simple Data Exfiltration Through XSS

During a recent engagement, I found a cross-site scripting (XSS) vulnerability in a legal document management application and created a quick and dirty document exfiltration payload. Unfortunately, this discovery and coding happened on the final day of the engagement (*cough* reporting bonus hacking day), and I didn’t have a chance to actually put the exfiltrated…


An Update On Non-Aggressive Reporting

Reporting is an essential piece of the penetration testing puzzle. It’s the product your client will be reviewing within their organization, representing you and your company to those you may not have worked with directly. With that in mind, it’s important that your product, the report, strikes a balance between professional tone and cold facts…


Fear, Cybersecurity, and Right to Repair

Massachusetts is the latest state to grapple with Right to Repair legislation. A ballot question in the 2020 election asked the state’s voters to decide whether or not automobile manufacturers must make the telematics data collected by cars’ on-board computers available to independent repair shops. What seems like a debate over who can access the…


Making EDR Work for PCI

The Endpoint Detection & Response (EDR) and Advanced Threat Protection (ATP) marketplace is abuzz with products that blur the lines of personal firewall, host-based intrusion detection system (IDS) and intrusion prevention system (IPS), anti-virus, system logging, and file integrity monitoring (FIM). These solutions are centrally managed from your web browser and include advanced dashboards for…


Azure Automation – Getting Started With Desired State Configurations

Azure brings a lot of new tools and capabilities to the IT and Information Security toolbox. In fact, there are so many features that it can be overwhelming and difficult to understand when or how to use them. I believe that the revamp of Desired State Configuration (DSC) within Azure is one of these overlooked…
