Ray Felch // Disclaimer When using an FM transmitter, do not modify the intended operation of the module by amplifying the transmitted signal. Also, be sure that attaching an FM high gain antenna will NOT be transmitting outside the legal range for RF emissions. When transmitting any data, be sure you do not accidentally break any laws by illegally […]
David Fletcher // Service Message Block (SMB) shares can represent a significant risk to an organization. Companies often lack a realistic understanding of the exposure that SMB shares represent. Effective management typically requires a sound information management program focused on identifying where critical information resides, actively controlling access to that information, and routinely auditing permissions and access patterns. Often, when organizations are asked about discovery of sensitive data, administrators […]
Ray Felch // Overview Infrared technology has been around for a very long time and is a wireless technology used in devices that convey data by way of Infrared radiation. Infrared is electromagnetic radiation (EMR) with a wavelength just beyond the visible light spectrum. Inasmuch, Infrared can not be seen by the naked eye, Fun fact: Although […]
During remote red team exercises, it can be difficult to keep from leaking information to the target organization’s security team. Every interaction with the target’s website, every email sent, and every network service probed leaves some trace that the red team was there. Mature blue teams can correlate those pieces of information to identify red […]
Podcast: Play in new window | Download
Subscribe: RSS
Edward Miro // Backdoors & Breaches is now available as an official Workshop Mod for Tabletop Simulator! Backdoors & Breaches (B&B) contains 52+ unique cards to help you conduct incident response tabletop exercises and learn attack tactics, tools, and methods. This post is a guide for getting a virtual B&B game going. Note: New attack, […]
It is another year for the Sacred Cash Cow Tipping Webcast. For those of you who are new to our email list within the past year, this is a webcast where we cover the various tools and techniques that Black Hills Information Security (BHIS) uses to bypass endpoint security protections. The point of this webcast is […]
Podcast: Play in new window | Download
Subscribe: RSS
A few short years ago, penetration testers did not have to work too hard for their malware command channels to execute. Fast forward to today in the age of Endpoint Detection and Response, User Behavior Analytics, and advanced built-in O/S defenses, your standard toolkit for malware generation/execution does not work anymore. All is not lost! […]
Podcast: Play in new window | Download
Subscribe: RSS
Jordan Drysdale // tl;dr This blog is being provided to demonstrate the capabilities of Sysmon logging broken down by event ID. The IDs will be captured in context and matched to their sysmon-modular configuration section for tuning opportunities. Please allow me a shout out here to the author of the sysmon-modular repository on Github. Olaf […]
This blog was written in conjunction with Wild West Hackin’ Fest. Does the news on SUNBURST and SUPERNOVA have you feeling like you’re flapping in the (Solar)Wind? Join John Strand, Jonathan Ham, and Jake Williams as they discuss the implications of the breaches in this no-FUD webcast. No, we won’t be discussing “cyber Pearl Harbor” […]
Podcast: Play in new window | Download
Subscribe: RSS
