Derek Banks// I live in an area that was initially projected to be hit by Hurricane Florence. Four days prior to the storm making landfall the governor of my state issued a mandatory evacuation for the zone that I live in. The floor of my house is about nine feet above sea level and there […]
Join special guest Chris Brenton, COO of Active Countermeasures, as he discusses the anatomy of beacons and why you need to be looking for them during a threat hunt. He also talks through the challenges of detecting beacons, and some tricks you can use. Slides from the full webcast can be found here: www.activecountermeasures.com/threat-hunting-beacon-analysis-september-11-2018/
Podcast: Play in new window | Download
Bryan Strand// I have recently started taking SEC566 with James Tarala via SANS on the CSC 20 Critical Controls and decided it would be a great blog series to do a quick overview of each of the controls, and how you could start implementing them on your network. This is by no means an in […]
Dakota Nelson // Dakota talks about the pentester pyramid of pain and the different types of tests available from an information security firm. See his slides here: https://blackhillsinformationsecurity.shootproof.com/gallery/7404264/ Extra links & notes: From guest blog post by Scott Worden: Having the penetration tester reach your crown jewels, get root, own you, pwn you, own3d, 0wn3d, pwned, […]
Podcast: Play in new window | Download
BB King// We got an email from a fan today asking how best to find a mentor in information security. Maybe you’re looking for a mentor too. It’s a great question. Much of the advice you see for people looking to make their start in infosec is something like, “Work at the helpdesk or in […]
Mike Felch// With so many Microsoft technologies, services, integrations, applications, and configurations it can create a great deal of difficulty just to manage everything. Now imagine trying to secure an environment that goes well beyond the perimeter. While moving everything to a cloud provider can provide amazing return in scalability, functionality, and even savings, it […]
Marcello Salvati// During Red Team and penetration tests, it’s always important and valuable to test assumptions. One major assumption I hear from Pentesters, Red teamers and clients alike is that most networks (or their own network) block outbound SMB traffic. In my phishing payloads I always try to inject a UNC path: If macros are […]
Join John Strand as he continues his Attack Tactic series this time with the defense ideas for the attacks mentioned in episode 3 (see more here) To see the entire webcast visit the Active Countermeasures YouTube channel Blogs mentioned in this episode: Mike Felch’s Stealing 2FA Tokens on Red Teams with CredSniper Carrie Roberts’ Gathering […]
Podcast: Play in new window | Download
Melisa Wachs// The first day of school starting soon for your school-age kiddos. What better time to run through some of our basic reporting guidelines with y’all? Here is a short list of points I’ve learned after ten years of reading and editing pen test reports here at Black Hills Information Security. DO: Set up […]
