GDPR // Five Important Considerations

August 21, 2017 | By:

The EU General Data Protection Regulation (GDPR) is a regulation that was approved in 2016 and scheduled to be enforced by May 25, 2018. Many customers ask, what is GDPR? It was developed to strengthen the rights of individuals in the European Union (EU). The regulation was implemented to control EU citizens’ personal data and…


Attacking Self-Hosted Skype for Business/Microsoft Lync Installations

August 11, 2017 | By:

TL;DR: How to attack self-hosted Skype for Business (Lync) servers. If you’re using O365, wait for the next post. Note: For the sake of brevity throughout this post, Skype for Business and Microsoft Lync will both be referred to under the umbrella designation of ‘Skype4B’. When companies choose to host Skype for Business (previously Microsoft…


TrustedSec Expands with Four New Additions

August 08, 2017 | By:

TrustedSec continues to grow based on reputation, brand, and most importantly the services we provide to our customers. We have added four amazing new members for both the Force team (our technical crew) and the Advisory Services (PCI, Office of CISO, and Risk Assessment) group. New additions to the team (alphabetical order): Jason Lang (@curi0usJack),…


PCI Inventory List of Assets

August 08, 2017 | By:

The Payment Card Industry Data Security Standard (PCI DSS) requires that an inventory of system components (PCI Req. 2.4: Complete Inventory List) is maintained. This has been a requirement as of PCI DSS 3.0. Good governance would suggest that maintaining these documents is part of the process of onboarding and offboarding applications, systems, etc. Maintaining…


New Tool Release: NPS_Payload

July 23, 2017 | By:

Over the past year, we have seen a lot of research come out which highlights several of Microsoft’s native binaries which can be leveraged by an attacker to compromise or gain access to a system. One of these binaries, msbuild.exe, has proven very reliable in allowing us to gain a shell on a host in…


Social-Engineer Toolkit (SET) v7.7 “Blackout” Released

July 11, 2017 | By:

TrustedSec is proud to announce a major release of the Social-Engineer Toolkit (SET) v7.7. This version incorporates support for hostnames in the HTA attack vector, and a redesigned Java Applet attack vector. Java is still widely used in corporations and with a valid code signing certificate can be one of the easiest ways to get…


Equation Group Dump Analysis and Full RCE on Win7 on MS17-010 with Cobalt Strike

April 15, 2017 | By:

UPDATE: When posting this blog, we had not done the most recent patches for patch Tuesday (in March). This SMB flaw apparently was fixed on Tuesday with MS17-010. When we did our testing, we were out of the patch cycle for March. Clarified the blog post with the update and link to Microsoft below. Link…


A Foundation Built on People – The TrustedSec Family Grows

April 04, 2017 | By:

When I started TrustedSec over five years ago, I had a dream to start a company that makes the security industry better. A company that brings in top talent and amazing people that I call friends. A place where we always work with the mindset of “always doing the right thing” for our people and…


Classy Inter-Domain Routing Enumeration

March 17, 2017 | By:

During the information gathering phase of a penetration test, we want to discover the netblocks, or ranges, owned by the target organization. This allows us to produce a list of potential hosts for further enumeration. For very large organizations, or ones that have been around since the birth of the Internet, it is possible that…


Full Disclosure: Adobe ColdFusion Path Traversal for CVE-2010-2861

March 15, 2017 | By:

This blog was written by Scott White, Senior Principal Security Consultant, Web Application Team Lead – TrustedSec. TL;DR: A publicly undisclosed pre-auth local file disclosure path in older Adobe ColdFusion products (8.0, 8.0.1, 9.0, 9.0.1 and earlier versions) exists at /CFIDE/debug/cf_debugFr.cfm?userPage=../../etc/hosts. During a recent penetration test, a web site utilizing cfm pages was identified and…