How-To, Informational, InfoSec 201, Patterson Cake, Phishing BEC, Business Email Compromise, EC2, Exchange Online Management, M365, Microsoft 365, SOF-ELK, UAL, Unified Audit Log

Wrangling the M365 UAL with SOF-ELK on EC2 (Part 2 of 3)

Patterson Cake // In PART 1 of “Wrangling the M365 UAL,” we talked about the value of the Unified Audit Log (UAL), some of the challenges associated with acquisition, parsing, […]

Read the entire post here

How-To, Incident Response, InfoSec 201, Patterson Cake, Phishing BEC, Business Email Compromise, Exchange Online Management, M365, Microsoft 365, PowerShell EXO, SOF-ELK, UAL, Unified Audit Log

Wrangling the M365 UAL with PowerShell and SOF-ELK (Part 1 of 3)

Patterson Cake // When it comes to M365 audit and investigation, the “Unified Audit Log” (UAL) is your friend. It can be surly, obstinate, and wholly inadequate, but your friend […]

Read the entire post here

Backdoors & Breaches, Fun & Games, Informational, News Def Con

Join Us for Camp BHIS @ DEF CON 31 

Hey, Campers! It’s that time of year again. The smell of 0-day in the air. Charlatans roasting by the pyre. Old friends and new gather in one of the worst […]

Read the entire post here

Blue Team, Blue Team Tools, General InfoSec Tips & Tricks, How-To, Incident Response, Informational, InfoSec 101, InfoSec 201, Troy Wojewoda DFIR

Welcome to Shark Week: A Guide for Getting Started with Wireshark and TShark

Troy Wojewoda // In honor of Shark Week1, I decided to write this blog to demonstrate various techniques I’ve found useful when analyzing network traffic with Wireshark, as well as […]

Read the entire post here

General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Serena DiPenti

Shenetworks’ Guide to Landing Your First Tech Job

Serena DiPenti // Buckle up for this one because I’m about to give you A LOT of information. As someone who works in tech and creates tech content, I am […]

Read the entire post here

External/Internal, How-To, Informational, Justin Angel Exfil

Evasive File Smuggling with Skyhook 

ImposterKeanu // Introduction  This blog post introduces the reader to “The Obfuscation Hustle”, a term I enjoy using to describe the tedious process of obfuscating and delivering files to corporate […]

Read the entire post here

Informational, InfoSec 101, Tom Smith Compliance, FTC, Incident Response, penetration testing, Safeguard Rule

Why Do Car Dealers Need Cybersecurity Services? 

Tom Smith // At Black Hills Information Security (BHIS), we deal with all manner of clients, public and private. Until a month or two ago, though, we’d never dealt with […]

Read the entire post here

Recon, Serena DiPenti

Shenetworks Recommends: Using Nmap Like a Pro 

shenetworks // One day at work I received a case stating a client couldn’t connect to the management interface of a new server. I asked the client to change the […]

Read the entire post here

General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, John Malone Archive, data, testing

Six Tips for Managing Penetration Test Data

John Malone // Introduction Information is power. This sentiment also holds true when discussing the creation of a supporting archive. A supporting archive is something that we put together to […]

Read the entire post here