Black Hills Information Security
Penetration testing for Fortune 50 companies since 2008.
RSS
  • About Us
    • Testers
    • Admin
    • SOC Team
    • HTOC Team
    • Partners
    • Interns
  • Contact
    • Contact Us
    • Email Sign-Up
  • Services
    • Active SOC
    • Blockchain Security
    • Blue Team Services
    • Cyber Range
    • Hunt Teaming (HTOC)
    • Incident Response
    • Penetration Testing
  • Projects/Tools
    • All Tools
    • RITA
    • Backdoors & Breaches
    • Books
    • REKCAH
  • Learn
    • Blog
    • Conference
    • Podcasts
    • PROMPT# Zine
    • Training
    • Webcasts
  • Community
    • Discord
    • LinkedIn
    • T-Shirts & Hoodies
    • Twitter
    • YouTube
Zabbix Templates for Security Analysts and Systems Administrators – EOY 2021

Informational, InfoSec 101 Monitoring, Opsec

Zabbix Templates for Security Analysts and Systems Administrators – EOY 2021

Kent Ickler // Background BHIS uses several tools for monitoring infrastructure. One of the most important tools for us that helps monitor systems health is Zabbix. It’s been a while since I went about creating Zabbix (https://www.zabbix.com/) monitoring templates. Long story short, I took a backseat role to Systems Administration a couple years ago when […]

Read the entire post here

thumbnail_BLOG_chalkboard_--575

Hardware Hacking, How-To, Informational, Wireless

Introducing LoRa (Long Range) Wireless Technology – Part 1

Ray Felch // This write-up is the first of a multi-part series, providing an introduction to LoRa wireless technology and the LoRaWAN, low-power wide-area network (LPWAN). Interestingly, I came across this technology while researching a GPS tracking project that I was working on and quickly determined that this technology might be a viable alternative to […]

Read the entire post here

Fixing Content-Security-Policies with Cloudflare Workers

How-To, Informational Content-Security-Policy, Permissions-Policy, Referrer-Policy, Security Headers, Strict-Transport-Security, X-Content-Type-Options, X-Frame-Options

Fixing Content-Security-Policies with Cloudflare Workers

Kent Ickler // Background Over four years ago now, I wrote a blog post on fixing missing Content-Security-Policy by updating configuration on webservers: https://www.blackhillsinfosec.com/fix-missing-content-security-policy-website/. Content-Security-Policies instruct a user’s web browser how it should behave on certain security considerations. Oh, how times have changed. Here at Black Hills Information Security (BHIS), we’ve actually migrated webservers, hosting […]

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

DNS Over HTTPS for Cobalt Strike

Informational, InfoSec 101, Red Team

DNS Over HTTPS for Cobalt Strike

Kyle Avery // Introduction Setting up the C2 infrastructure for red team engagements has become more and more of a hassle in recent years. This is a win for the security community because it means that vendors and professionals have learned from previously successful techniques and implemented effective mitigations in their networks. DNS over HTTPS […]

Read the entire post here

BLOG_chalkboard_00570

How-To, Informational, Phishing

How to Not Get Scammed on Discord

Max Boehner & Noah Heckman // Introduction As 2020 sent us all into our homes social distancing, the demand for online messaging saw a huge spike in an effort for people to stay in contact with each other. In some cases, even entire social events (like conferences and club meetings) were ported to platforms such as Discord and Slack to increase biological security, while […]

Read the entire post here

00569_11022021_WebcastHowToShareYourKnowledge

Fun & Games, How-To, Informational, Webcasts

Webcast: How to Share Your Knowledge with Others

Have you ever seen a call for papers for a conference and thought to yourself that you’d like to submit a talk and then immediately thought, oh never mind? Have you ever been asked to present internally at your organization and immediately recommended someone else to do it? Was it because you didn’t know how […]

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

Hacking Unifi Controller Passwords for Fun and WIFI

How-To, Informational

Hacking Unifi Controller Passwords for Fun and WIFI

Kent Ickler // Because, you know—that should be a thing.  TL;DR:  Don’t run the Unifi Controller on a laptop in the closet.    BACKGROUND  Ubiquiti’s Unifi controller is a network device, or software service, that controls Ubiquiti’s Unifi line of devices.  Unifi is a brand of devices that, well, unify together to make a better user experience for network users and system admins in the […]

Read the entire post here

How-To, Informational, InfoSec 101, Webcasts

Webcast: Shellcode Execution with GoLang

In this Black Hills Information Security (BHIS) webcast, we explore using GoLang to author malware with embedded shellcode. GoLang is a Google-authored modern successor language to C/C++. It is multi-platform, high performance, multi-threaded, and unlike C/C++ includes garbage collection! It has the advantage of compiling to native machine code, unlike .NET C# which is dependent […]

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

Informational, InfoSec 101, Webcasts

Webcast: The Quest for the Kill Chain Killer Continues

Jordan and Kent have heard from a lot of people that the past Black Hills Information Security (BHIS) webcasts: “Group Policies That Kill Kill Chains” and “Active Directory Best Practices to Frustrate Attackers” have changed their business models for the better. And since they’ve been offered the BHIS soapbox again, they thought it was time […]

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

‹ 1 2 3 4 ›»

Follow Us

Looking For Something?

Browse by category

Recent Posts

  • thumbnail_BLOG_chalkboard_00592Geopolitical Cyber-Detection Lures for Attribution with Microsoft Sentinel 
    Jordan Drysdale // Summary! There are tons of security
  • How to Use Backdoors & Breaches to do Tabletop Exercises and Learn Cybersecurity
    Have you heard of Backdoors & Breaches, or even
  • Talkin’ About Infosec News – 4/25/2022
    ORIGINALLY AIRED ON APRIL 18, 2022 Articles discussed

Browse by topic

Active Directory ADHD anti-virus Attack Tactics AV Blue Team bypassing AV C2 command and control encryption hacking hardware hacking Hashcat infosec john strand Jordan Drysdale Kent Ickler Linux LLMNR MailSniper Microsoft Nessus Password cracking password policy passwords password spraying pen-testing penetration testing pentest Pentesting phishing podcast Podcasts PowerShell Python Raymond Felch Red Team red teaming RITA social engineering Sysmon tools webcast webcasts Windows

Archives

Back to top
Black Hills Information Security

115 W. Hudson St. Spearfish, SD 57783 | 701-484-BHIS
© 2008

Links
Search the site