Blog - Page 52 of 79 - Black Hills Information Security, Inc.

Macro shot of twenty sided dice with other dice

Author, Blue Team, John Strand Cubicles and Compromises, Dungeons and Dragons, Incident Response, Table Top

Dungeons & Dragons, Meet Cubicles & Compromises

John Strand // Lately we’ve been running a very cool game with a few of our customers. There’s been some demand for incident response table top exercises. For the […]

Read the entire post here

00259_12202017_BusinessSecurityStrategiesPart1(2)

Author, Blue Team, How-To, Jordan Drysdale Critical Controls, it security, Jordan Drysdale, Small Business, Small Business Security

Small and Medium Business Security Strategies: Part 1

Jordan Drysdale// Blurb: A few of us have discussed the stress that small and medium business proprietors and operators feel these days. We want to help stress you out even […]

Read the entire post here

Red Team, Red Team Tools, Webcasts BurpSuite, ZAP

WEBCAST: There and Back Again – A Pathfinder’s Tale

Matthew Toussain// Portswigger’s Burpsuite has become the tool of choice for web application penetration testers. OWASP’s Zed Attack Proxy (ZAP) not only fights in the same weight class but also […]

Read the entire post here

00257_12132017_PerformingPhysicalPentest

Author, Jordan Drysdale, Physical, Red Team Badgy, Jordan Drysdale, pen-testing, penetration testing, pentest, Pentesting, Physical Pentest

Performing a Physical Pentest? Bring This!

Jordan Drysdale// Physical Pentest Upcoming? Bring a Badgy. While badge reproduction may not be the intended use of this product, if you are a physical tester and you don’t own […]

Read the entire post here

00256_12062017_DiggingIntoVulnerableWindowsServices

Author, Brian Fehrman, External/Internal, Red Team Application Whitelisting, escalated, penetration testing, Pentesting, privilege escalation, whitelisting, Windows, Windows Privilege Escalation

Digging Deeper into Vulnerable Windows Services

Brian Fehrman // Privilege escalation is a common goal for threat actors after they have compromised a system. Having elevated permissions can allow for tasks such as: extracting local password-hashes, […]

Read the entire post here

00255_12042017_MorningWithCobaltStrikeSymantec

Author, C2, Joff Thyer, Red Team anti-virus, AV software, C2, easy button, pen-testing, penetration testing, pentest, Pentesting, Symantec, There is NO easy button

A Morning with Cobalt Strike & Symantec

Joff Thyer // If you have been penetration testing a while, you likely have ended up in a Red Team situation or will be engaged in it soon enough. From […]

Read the entire post here

Red Team, Red Team Tools how to hide payload in MS docs, Malware, Microsoft, MS Word, pen-testing, penetration testing, pentest, Pentesting, Pentesting tips and tricks, PowerShell, PowerShell Scripts, Word

Hide Payload in MS Office Document Properties

Carrie Roberts* // Can you think of a reason why you might want to put a lengthy comment into the properties of an MS Office document? If you can, then […]

Read the entire post here

Author, InfoSec 201, John Strand, News, Webcasts ACDC, ACDC Active Defense Law, Active Defense, webcast

WEBCAST: Proper Active Defense and the New ACDC Active Defense Law

John Strand// In this webcast John talks about the new ACDC law and what it means exactly. There has been quite a bit of anger and great GIFs about hacking […]

Read the entire post here

Fun & Games christmas gifts, christmas gifts for nerds, gift guide, infosecker gift list

BHIS’s 2nd Annual Infosecker’s* Gift-List

Sierra Ward with help from all // Wow, another year, another Christmas and another chance to be totally stumped by what to get you favorite InfoSecker. But fear not! We are […]

Read the entire post here

«‹ 51 52 53 54 ›»