Blog - Page 3 of 63 - Black Hills Information Security

Informational, InfoSec 101, News, Podcasts

Talkin’ About Infosec News – 5/5/2021

Originally Aired on May 5, 2021 Articles discussed in this episode: https://thehackernews.com/images/-V6c2_ZHgMzI/YJFAaQl5RjI/AAAAAAAAA_8/wNs6d4zWc1MHLJ5VPaSpzHvXkFIIcwfZQCLcBGAsYHQ/s0/reset-passsword.jpg https://threatpost.com/dell-kernel-privilege-bugs/165843/ https://www.bleepingcomputer.com/news/security/new-windows-pingback-malware-uses-icmp-for-covert-communication/ https://signal.org/blog/the-instagram-ads-you-will-never-see/ https://nakedsecurity.sophos.com/2021/05/04/apple-products-hit-by-fourfecta-of-zero-day-exploits-patch-now/

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Web App

Web App Pen Testing in an Angular Context

Joff Thyer // If you are a fan of web application pen testing, you have been spoiled with a lot of easy pickings over the years. We all love our interception proxies, and I know a lot of us are huge fans of the great work that PortSwigger has done with Burp Suite over the years. Having said this, […]

Read the entire post here

Informational, InfoSec 101, News, Podcasts

Talkin’ About Infosec News – 5/3/2021

Originally Aired on May 3, 2021 Articles discussed in this episode: https://threatpost.com/deepfake-attacks-surge-experts-warn/165798/ https://threatpost.com/linux-kernel-bug-wider-cyberattacks/165640/ https://www.reddit.com/r/netsec/comments/n36x7h/arbitrary_code_execution_in_exiftool/ https://krebsonsecurity.com/2021/04/experians-credit-freeze-security-is-still-a-joke/ https://github.com/alievk/avatarify-python https://media.ccc.de/v/29c3-5327-en-writing_a_thumbdrive_from_scratch_h264

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

Fun & Games, Hardware Hacking, How-To, Informational

Information From Thin Air: Using SDR to Extract DTMF from Radio Waves

Ray Felch // Disclaimer When using an FM transmitter, do not modify the intended operation of the module by amplifying the transmitted signal. Also, be sure that attaching an FM high gain antenna will NOT be transmitting outside the legal range for RF emissions. When transmitting any data, be sure you do not accidentally break any laws by illegally […]

Read the entire post here

Backdoors & Breaches, Fun & Games, Informational, Podcasts

Backdoors & Breaches LIVE – 4/28/2021

Join our Incident Master BanjoCrashland as we play another round of Backdoors & Breaches (B&B) session using our new Tabletop Simulator (TTS) version! If you have STEAM / TABLETOP SIMULATOR / BACKDOORS & BREACHES WORKSHOP, you can play using the same version of the game. https:/steamcommunity.com/sharedfiles/filedetails/?id=2401033477 Incident Master: Jason Blanchard | BanjoCrashland Defenders: Matt Thomas […]

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

Informational, InfoSec 101, News, Podcasts

Talkin’ About Infosec News – 4/26/2021

Originally Aired on April 26, 2021 Articles discussed in this episode: https://usdaynews.com/celebrities/celebrity-death/dan-kaminsky-death-cause/ https://signal.org/blog/cellebrite-vulnerabilities/ https://arstechnica.com/gadgets/2021/04/hackers-backdoor-corporate-password-manager-and-steal-customer-data/ https://youtu.be/G0gOAvpGoJg

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

Informational, InfoSec 101, News, Podcasts

Talkin’ About Infosec News – 4/19/2021

Originally Aired on April 19, 2021 Articles discussed in this episode: https://www.theverge.com/2021/4/13/22382821/fbi-doj-hafnium-remote-access-removal-hack https://apnews.com/article/russia-safe-harbor-ransomeware-hacking-c9dab7eb3841be45dff2d93ed3102999 https://threatpost.com/critical-cloud-bug-vmware-carbon-black/165278/ https://www.theverge.com/2021/4/18/22390379/federal-investigators-breach-software-codecov-solarwinds https://threatpost.com/google-project-zero-cuts-bug-disclosure-timeline-to-a-30-day-grace-period/165432/

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

Informational

Finding Buried Treasure in Server Message Block (SMB)

David Fletcher // Service Message Block (SMB) shares can represent a significant risk to an organization. Companies often lack a realistic understanding of the exposure that SMB shares represent. Effective management typically requires a sound information management program focused on identifying where critical information resides, actively controlling access to that information, and routinely auditing permissions and access patterns. Often, when organizations are asked about discovery of sensitive data, administrators […]

Read the entire post here

Informational, InfoSec 101, News, Podcasts

Talkin’ About Infosec News – 4/12/2021

Originally Aired on April 12, 2021 Articles discussed in this episode: https://threatpost.com/azure-functions-privilege-escalation/165307/ https://www.theverge.com/2021/4/8/22374464/linkedin-data-leak-500-million-accounts-scraped-microsoft https://news.linkedin.com/2021/april/an-update-from-linkedin https://www.bbc.com/news/world-middle-east-56708778 https://www.tenable.com/blog/cve-2018-13379-cve-2019-5591-cve-2020-12812-fortinet-vulnerabilities-targeted-by-apt-actors

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

«‹ 2 3 4 5 ›»