Hayden Covington // Phishing is an ever-present threat, but lately, user education and spam filters have helped mitigate some of that threat. But what happens when a phish makes it […]
Patterson Cake // PART 1 PART 2 In part one of “Wrangling the M365 UAL,” we talked about acquiring, parsing, and querying UAL data using PowerShell and SOF-ELK. In part […]
Patterson Cake // In PART 1 of “Wrangling the M365 UAL,” we talked about the value of the Unified Audit Log (UAL), some of the challenges associated with acquisition, parsing, […]
Patterson Cake // When it comes to M365 audit and investigation, the “Unified Audit Log” (UAL) is your friend. It can be surly, obstinate, and wholly inadequate, but your friend […]
Hey, Campers! It’s that time of year again. The smell of 0-day in the air. Charlatans roasting by the pyre. Old friends and new gather in one of the worst […]
Troy Wojewoda // In honor of Shark Week1, I decided to write this blog to demonstrate various techniques I’ve found useful when analyzing network traffic with Wireshark, as well as […]
Serena DiPenti // Buckle up for this one because I’m about to give you A LOT of information. As someone who works in tech and creates tech content, I am […]
ImposterKeanu // Introduction This blog post introduces the reader to “The Obfuscation Hustle”, a term I enjoy using to describe the tedious process of obfuscating and delivering files to corporate […]
Tom Smith // At Black Hills Information Security (BHIS), we deal with all manner of clients, public and private. Until a month or two ago, though, we’d never dealt with […]
