Stephan Borosh // The year of 2021 has presented some interesting challenges to securing Windows and Active Directory environments with new flaws that Microsoft has been slow to address. In June, @Harmj0y and @tifkin_ […]
#hivenightmare / #lolwut Jeff McJunkin* // What is it? tl;dr — Unpatched privilege escalation in Windows 10 in nearly all supported builds. The vulnerability (CVE-2021ā36934) allows an attacker with limited […]
tokyoneon // Spoofing credential prompts is an effective privilege escalation and lateral movement technique. It’s not uncommon to experience seemingly random password prompts for Outlook, VPNs, and various other authentication […]
We’ve been having a problem with people that want to play with Security Onion or RITA at home. If a home router does not have a mirror port it can […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
Building a phishing engagement is hard. While the concept is straightforward, real-world execution is tricky. Being successful takes enormous amounts of up-front setup and knowledge in quickly evolving phishing tactics. […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
David Fletcher // Over the past several years, attackers have gained significant traction in targeted environments by using various forms of password guessing. This situation was reflected in the 2020 Verizon […]
In this Black Hills Information Security (BHIS) webcast, you will learn tools and techniques for performing penetration tests against Microsoft Azure environments. Increasingly, more organizations are migrating resources to being […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
Join our Incident Master Ean Meyer as we play another round of Backdoors & Breaches (B&B) session using our new Tabletop Simulator (TTS) version! If you have STEAM / TABLETOP […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
How to make sure your antivirus is working without any malware Michael Allen // Recently, a customer asked me if there was a way they could generate alerts from the new antivirus product they deployed without executing any actual […]
