Advertisement · 728 × 90
#
Hashtag
#TrustedSec
Advertisement · 728 × 90
@cyberresearch.bsky.social
1 day ago
TrustedSec Livestream - AMA: Detection Engineering in 2026 and Beyond with John Dwyer
TrustedSec Livestream - AMA: Detection Engineering in 2026 and Beyond with John Dwyer Join TrustedSec and Binary Defense for an exclusive live Ask Me Anything session with John Dwyer, Deputy CTO and Head of ARC Labs at Binary Defense, as he dives deep into Detection Engineering in 2026 and beyond. This interactive livestream is your opportunity to get expert insights on the latest threats, detection strategies, and the future of security operations directly from one of the industry's leading voices. Come prepared with your questions and walk away with actionable knowledge to sharpen your detection capabilities.

Originally from From TrustedSec: TrustedSec Livestream - AMA: Detection Engineering in 2026 and Beyond with John Dwyer ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
3 days ago
Preview
Policy as Code: Stop Writing Policies and Start Compiling Them The Problem Nobody Wants to Talk AboutLet me paint a picture most security leaders will recognize.You have 30+ policies living as Word documents on SharePoint. Half of them have filenames like…

Originally from TrustedSec: Policy as Code: Stop Writing Policies and Start Compiling Them ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
4 days ago
AI is Exploring The Deep Blue CVEs - Security Noise Ep 8.12
AI is Exploring The Deep Blue CVEs - Security Noise Ep 8.12 Let's find a CVE! On this episode of Security Noise, we explore the cutting-edge use of AI in vulnerability research, exploit development, and cybersecurity defense. Guests Christopher Paschen, Research Practice Lead at TrustedSec, and Principal Security Consultant Justin Bollinger sit down with Geoff and Skyler to discuss how frontier AI models are transforming security practices, the ethical implications, and the future of AI-driven hacking and defense. About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Find more cybersecurity resources on our website at https://trustedsec.com/resources.

Originally from From TrustedSec: AI is Exploring The Deep Blue CVEs - Security Noise Ep 8.12 ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
5 days ago
Preview
Building a Detection Foundation: Part 4 - Sysmon Filling the Gaps Native Logging Can'tAt this point in our series, we have Windows Security events capturing logon sessions and process creation, and PowerShell logging capturing script execution. That's a…

Originally from TrustedSec: Building a Detection Foundation: Part 4 - Sysmon ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 week ago
AI isn't Skynet, it's a really fast search engine #ai #podcast #terminator
AI isn't Skynet, it's a really fast search engine #ai #podcast #terminator Skip the sci-fi narrative—AI is a tool, and a powerful one at that. The real advantage goes to those who know how to use it intentionally. Watch the full Security Noise podcast episode "IR Evolve" now: https://youtu.be/D4mkj2M1aT0

Originally from From TrustedSec: AI isn't Skynet, it's a really fast search engine #ai #podcast #terminator ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 week ago
Preview
Full Disclosure: A Third (and Fourth) Azure Sign-In Log Bypass Found Invisible password sprays. Invisible logins. Full tokens returned.Nyxgeek here. It's 2026 and I've got two more Azure Entra ID sign-in log bypasses to share with you. Don't get too excited…these bypasses…

Originally from TrustedSec: Full Disclosure: A Third (and Fourth) Azure Sign-In Log Bypass Found ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 week ago
Webinar - Copilot Security: What to Know Before You Go
Webinar - Copilot Security: What to Know Before You Go Microsoft Copilot is rapidly becoming the go-to AI companion across organizations, and if you’re managing Microsoft 365, this version of Copilot will likely be deployed in the near future. But rushing into a Copilot rollout without proper preparation can lead to security gaps, user confusion, and missed opportunities. During our this webinar, our experts will walk you through the critical groundwork needed before flipping the switch on Microsoft 365 Copilot. You’ll discover the configuration changes, security considerations, and organizational steps that separate successful deployments from problematic ones. What we will cover: -What is Copilot and how will it integrate with your existing Microsoft 365 setup? -The different Copilot variants and which one fits your organization’s needs -What you need to know about data protection, data governance, and tenant Entra ID readiness -Common deployment pitfalls and how to avoid them before they impact your users and your security posture Join Managing Director of Remediation Services Paul Sems and Identity Security Architect Sean Metcalf to learn how you can best prepare for your company’s Copilot launch and stay secure in the process. This live session is perfect for IT administrators, Microsoft 365 managers, and anyone responsible for enterprise AI tool rollouts. You’ll have the chance to ask our experts your burning questions and walk away with a concrete action plan you can implement immediately.

Originally from From TrustedSec: Webinar - Copilot Security: What to Know Before You Go ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 week ago
Preview
Better Together: Combining Automation and Manual Testing When I started working in mobile application security in 2018, most testing was still largely manual. Since then, the ecosystem has exploded with scanners, frameworks, and automation platforms. With more tools…

Originally from TrustedSec: Better Together: Combining Automation and Manual Testing ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 week ago
Cyber Threats Grow Amid Iran War | CNBC
Cyber Threats Grow Amid Iran War | CNBC "Things that were typically off the table before are now on the table as far as what Iran will be targeting and that's what we need to be concerned with." TrustedSec Founder and CEO David Kennedy spoke with CNBC about the Stryker cyber attack and why in time of warfare the private sector is in scope. Learn more about TrustedSec at https://trustedsec.com/.

Originally from From TrustedSec: Cyber Threats Grow Amid Iran War | CNBC ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
2 weeks ago
Iran Appears to Expand War to Cyberspace | NBC News
Iran Appears to Expand War to Cyberspace | NBC News The Iran-linked attack on Stryker is raising important questions about critical infrastructure security. TrustedSec Founder and CEO David Kennedy joins NBC News to discuss the broader implications of these attacks and what organizations and individuals can do to stay protected. Learn more about TrustedSec at https://trustedsec.com/.

Originally from From TrustedSec: Iran Appears to Expand War to Cyberspace | NBC News ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
2 weeks ago
Iran Targets Stryker with Major Cyber Attack | Fox News Channel
Iran Targets Stryker with Major Cyber Attack | Fox News Channel Iran targeted Stryker, a U.S.-based medical equipment company, in a major cyber attack this week. TrustedSec Founder and CEO David Kennedy joins Fox News Channel to discuss the attacks and what organizations can do to stay ahead of them. Learn more about TrustedSec at https://trustedsec.com/.

Originally from From TrustedSec: Iran Targets Stryker with Major Cyber Attack | Fox News Channel ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

1 0 0 0
@cyberresearch.bsky.social
2 weeks ago
Preview
LnkMeMaybe - A Review of CVE-2026-25185 A Windows shortcut (.lnk) seems very simple on the surface. It is a file that points somewhere and tells the system to open or execute a resource. A shortcut is relatively easy to overlook and can be spoofed to look…

Originally from TrustedSec: LnkMeMaybe - A Review of CVE-2026-25185 ( :-{ı▓ #trustedsec #pentesting #cyberresearch

1 1 0 0
@cyberresearch.bsky.social
2 weeks ago
Preview
Building a Detection Foundation: Part 3 - PowerShell and Script Logging The Second Most Important Data Source You're Probably Not CapturingIn Part 2, we enabled process creation logging with command lines. That's a big step forward. But here's the thing about PowerShell:…

Originally from TrustedSec: Building a Detection Foundation: Part 3 - PowerShell and Script Logging ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
2 weeks ago
IR Evolve - Security Noise Ep 8.11
IR Evolve - Security Noise Ep 8.11 How is incident response (IR) changing as threats are advancing? Increasing attack speeds and dropping exfiltration times have responders on high alert. On this episode of Security Noise, we invite TrustedSec's Incident Response Practice Lead Ryan Macfarlane on the podcast to discuss current findings in the digital forensics and IR space and how AI impacts cybersecurity. Ryan also talks about his time as an FBI Cyber agent. About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Find more cybersecurity resources on our website at https://trustedsec.com/resources.

Originally from From TrustedSec: IR Evolve - Security Noise Ep 8.11 ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
3 weeks ago
Preview
Building a Detection Foundation: Part 2 - Windows Security Events The Audit Policies Nobody ConfiguresIn Part 1, we looked at why relying on a single telemetry source is a recipe for blind spots. Now let's get practical. Windows has a rich set of security auditing capabilities…

Originally from TrustedSec: Building a Detection Foundation: Part 2 - Windows Security Events ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
3 weeks ago
Webinar - CMMC Challenges and Misunderstandings
Webinar - CMMC Challenges and Misunderstandings The defense supply chain is struggling with CMMC implementation, and it’s not because the requirements are inherently complex. The problem is misinformation, scope creep, and upstream contractors who don’t understand when CMMC actually applies. During our next webinar, our experts will cover the misunderstandings that are creating the most problems for contractors and subcontractors, from CUI marking confusion to unnecessary Level 2 requirements. In this live session, we will cover: - Understanding what CUI really means and when protection is actually required - Distinguishing between ITAR, classified information, and legitimate CUI - Identifying when CMMC Level 2 certification is truly necessary - Managing upstream contractors who are overreaching with CMMC requirements - Controlling scope creep in your compliance program - Ensuring external service provider compliance without overcomplicating the process Join us for an in-depth session with Director of Advisory Services Chris Camejo and Compliance Practice Lead Lee Quinton that addresses the real challenges you’re facing in your CMMC journey. They’ll dig into the specific issues that are causing delays, increasing costs, and creating compliance headaches across the defense industry. Designed for contractors, subcontractors, and service providers, this webinar will provide practical, actionable guidance to navigate CMMC requirements effectively. Get the clarity your CMMC program needs to succeed. Let’s tackle your CMMC questions together!

Originally from From TrustedSec: Webinar - CMMC Challenges and Misunderstandings ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
3 weeks ago
Obviously, you have to call an AI "Jarvis" #ai #podcast
Obviously, you have to call an AI "Jarvis" #ai #podcast When AI can integrate across projects, systems, and security with a simple text, innovation stops being theoretical — it becomes reality. Watch the full episode "Ten Years: A Decade of Doing This" now! https://youtu.be/zlaWEVnu8Pg

Originally from From TrustedSec: Obviously, you have to call an AI "Jarvis" #ai #podcast ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
3 weeks ago
Discord Livestream - AMA: Incident Response
Discord Livestream - AMA: Incident Response Join us for our next Discord Livestream “AMA: Incident Response” on March 19 at 11:00am ET! Incident Response Practice Lead Ryan Macfarlane will field your questions on what TrustedSec is seeing on IR engagements, common attack vectors, as well as AI threats and how criminal and nation state actors are using it. Ryan is also willing to answer questions about his time as an FBI Cyber agent – questions about aliens will be considered on a case-by-case basis ;) Bring all your incident response questions and connect with our Discord community!

Originally from From TrustedSec: Discord Livestream - AMA: Incident Response ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

1 0 0 0
@cyberresearch.bsky.social
1 month ago
AI-Generated Zoom Video Attacks? It's more common than you think. #podcast #security
AI-Generated Zoom Video Attacks? It's more common than you think. #podcast #security We are getting a lot of requests for AI-generated Zoom video attacks! It's ramping up quick. Watch the full episode on LLM attacks now! https://youtu.be/QA_j4ZUYDAs

Originally from From TrustedSec: AI-Generated Zoom Video Attacks? It's more common than you think. #podcast #security ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 month ago
Preview
Building a Detection Foundation: Part 1 - The Single-Source Problem The Uncomfortable Truth About Your Telemetry Let me start with an observation that might hit close to home. In my years working Incident Response cases and running Tabletop Exercises, I've noticed a pattern that…

Originally from TrustedSec: Building a Detection Foundation: Part 1 - The Single-Source Problem ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 month ago
Ten Years: A Decade of Doing This - Security Noise Ep. 8.10
Ten Years: A Decade of Doing This - Security Noise Ep. 8.10 It's our 10TH ANNIVERSARY! In this episode of Security Noise, we react to some significant developments in InfoSec, including Microsoft's integration of Sysmon into Windows. We are joined by TrustedSec Founder and CEO David Kennedy to celebrate a decade of our podcast and talk about the early years. As we reminisce, Skyler digs through the archives and pulls up some old clips to see how TrustedSec has evolved in the cybersecurity space over the years. Lastly, but not leastly, we are joined by Senior Security Consultant Kelsey Segrue as she gives her analysis on the U.S. Government's newly-conquered control over TikTok and we discuss the future of social media platforms. Tune in and turn up for this trip down memory lane! About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Find more cybersecurity resources on our website at https://trustedsec.com/resources.

Originally from From TrustedSec: Ten Years: A Decade of Doing This - Security Noise Ep. 8.10 ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 month ago
"Signal Sniffer" Tracks Pacemaker Signal | NewsNation
"Signal Sniffer" Tracks Pacemaker Signal | NewsNation From genetic genealogy to camera footage, authorities are employing multiple strategies to profile the kidnapper of Nancy Guthrie. TrustedSec Founder and CEO David Kennedy joins NewsNation to discuss his work with law enforcement, specifically leveraging "signal sniffer" technology to extend search ranges and detect the unique electronic signature of Guthrie’s pacemaker. Learn more about TrustedSec at https://trustedsec.com/.

Originally from From TrustedSec: "Signal Sniffer" Tracks Pacemaker Signal | NewsNation ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 month ago
"Signal Sniffer" to Aid in Nancy Guthrie Kidnapping | CBS Evening News
"Signal Sniffer" to Aid in Nancy Guthrie Kidnapping | CBS Evening News While authorities await DNA results and review limited doorbell footage, a new technological edge may aid the search for Nancy Guthrie. TrustedSec Founder and CEO David Kennedy joins CBS Evening News to discuss his "signal sniffer" technology. He talks about how the tool could assist in picking up her specific pacemaker signal from hundreds of feet away and locate Guthrie. Learn more about TrustedSec at https://trustedsec.com/.

Originally from From TrustedSec: "Signal Sniffer" to Aid in Nancy Guthrie Kidnapping | CBS Evening News ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 month ago
Preview
Notepad++ Plugins: Plug and Payload Notepad++ has been in the news recently for a breach of infrastructure associated with the Notepad++ updater. This attack may have allowed an adversary to deliver backdoored updates which could allow arbitrary code…

Originally from TrustedSec: Notepad++ Plugins: Plug and Payload ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 month ago
LLM = Love Language Model?! - Security Noise Ep 8.9
LLM = Love Language Model?! - Security Noise Ep 8.9 AI seems to be everywhere in 2026. This can be problematic when it goes undetected in our personal interactions, including our romantic lives though dating apps, catfishing, or romance scams. In this special Valentine's Day episode, Geoff and Skyler talk about the rise in spam tactics, the use of AI in catfishing and social engineering, and the "Dead Internet" theory. They tested some of these tactics, armed with a highly-trained LLM (Love Language Model), and made a "phishy" phone call to TrustedSec's Director of Software Security, Scott White. Find out if their social engineering attempt works and watch now!  About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Find more cybersecurity resources on our website at https://trustedsec.com/resources.

Originally from From TrustedSec: LLM = Love Language Model?! - Security Noise Ep 8.9 ( :-{ı▓ #TrustedSec #Pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 month ago
Preview
Updated GSA Contractor CUI Protection Requirements CMMC has been getting much of the Controlled Unclassified Information (CUI) attention lately due to the size of the defense industrial base, but General Services Administration (GSA) requirements for protecting CUI are…

Originally from TrustedSec: Updated GSA Contractor CUI Protection Requirements ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 month ago
Preview
Securing Entra ID Administration: Tier 0 Entra ID (formerly Azure AD) is the core service upon which Microsoft 365 applications rely for directory and authentication services. This makes Entra ID security a critical element for any organization that leverages…

Originally from TrustedSec: Securing Entra ID Administration: Tier 0 ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 month ago
Preview
Keys to JWT Assessments - From a Cheat Sheet to a Deep Dive The Cheat Sheet section is for quick reference.The Learn section is for those who have never touched the topic before.The Implement section is for more detailed descriptions of each Cheat Sheet…

Originally from TrustedSec: Keys to JWT Assessments - From a Cheat Sheet to a Deep Dive ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
1 month ago
Preview
MCP in Burp Suite: From Enumeration to Targeted Exploitation MCP-ASD Burp extension has been submitted to the BApp Store and is awaiting approval.MCP OVERVIEWMCP (Model Context Protocol) servers are becoming more common thanks to their ease of integration with AI systems such as…

Originally from TrustedSec: MCP in Burp Suite: From Enumeration to Targeted Exploitation ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0
@cyberresearch.bsky.social
2 months ago
Preview
LDAP Channel Binding and LDAP Signing With Microsoft “enforcing” Lightweight Directory Access Protocol (LDAP) Signing by default in Server 2025, it once again seems like a good time to revisit our old friends LDAP Channel Binding and LDAP Signing. It’s…

Originally from TrustedSec: LDAP Channel Binding and LDAP Signing ( :-{ı▓ #trustedsec #pentesting #cyberresearch

0 0 0 0