<p>Ransomware attackers frequently target backups and recovery systems to force victims into paying ransoms, making robust protection strategies essential for all organizations. This blog introduces the Defensive Backup…</p>| TrustedSec
It's that feeling of your nerves being stretched like sinew over mounting expectations and due dates. When your attention keeps an exhausted but stubborn focus on an ever-shifting goal because there is always one more attack to check, one more use-case to implement, or one more task added to the pile that, before you realize it, has already broken out of manageable control. But you have to do it!| TrustedSec
A major step on the CMMC rollout timeline was completed recently as the regulatory change that will create the CMMC contract clause made its way to the Office of Information and Regulatory Affairs (OIRA). This post covers what that means for contractors that want to know when to expect CMMC clauses in their contracts.| TrustedSec
<p>Many DoD contractors are struggling to understand what requirements will apply to them once CMMC rolls out. CMMC defines three levels, but CMMC Level 2 may allow a self-assessment or may require a third-party…</p>| TrustedSec
<p>Implementing CMMC and other Controlled Unclassified Information (CUI) protection obligations depends on the accurate identification of CUI, and in some cases also depends on the identification of the CUI categories and…</p>| TrustedSec
<p>Defense subcontractors may already be seeing CMMC clauses in their contracts, even though the CMMC contracting procedures and contract clause have yet to be finalized (as of this post in August 2025). However, the…</p>| TrustedSec
<p>Plenty of people know how to toss an IP address and port list into Excel for sorting and searching but don’t get a chance to take it to a deeper level. Excel pivot tables are a great next step to explore, offering a…</p>| TrustedSec
<p>We have arrived at our final stage of metamorphosis, taking our pupa and morphing it into a hacking machine. Let's finish this journey. Geared Up Pupa In the first blog, we took various MaxiProx builds and attempted to…</p>| TrustedSec
<p>Understanding the Value of Findings Clients Often QuestionIn some report readouts, we may encounter situations where a client looks at a web application report and asks, “Why are you even reporting that?” This blog…</p>| TrustedSec
<p>Attackers are getting increasingly creative—not just with their payloads, but with how they deliver and operate them. In a recent Incident Response engagement, TrustedSec investigated a case involving an attacker who…</p>| TrustedSec
While digging into the internals of my new Lenovo ThinkPad P1 Gen7, I came across an unexpected discovery that quickly escalated from curiosity to a viable privilege escalation vulnerability. | TrustedSec
Experience fundamentally different cybersecurity for business success, providing end-to-end consulting from penetration testing to design and hardening.| TrustedSec
Mobile devices are a must have in today’s world for communication. With that being said, these devices do come with some risks when it comes to personal data. Common mobile device threat vectors include various attack methods and vulnerabilities that can compromise the security of mobile devices. In this blog, I will discuss some common threat vectors that range from gaining access physical device, phishing attacks on users to malicious applications being installed.| TrustedSec
Understand NIST's Digital Identity Guidelines for secure password implementation and access control, ensuring risk-based authentication and minimizing…| TrustedSec
May 28, 2025 update: | TrustedSec
