Black Hills Information Security
Penetration testing for Fortune 50 companies since 2008.
  • About Us
    • Testers
    • Admin
    • Bounty Hunters
    • Interns
  • Contact
    • Contact Us
    • Email Sign-Up
  • Services
    • Penetration Testing
    • Active SOC
    • Blue Team Services
    • HTOC
    • Cyber Range
  • Projects/Tools
    • All Tools
    • RITA
    • Backdoors & Breaches
    • Books
  • Learn
    • Blog
    • Webcasts
    • Podcasts
    • Training
The New Security Fundamentals – Kill Your AV

How-To, InfoSec 201 AV, firewalls, Kill your AV, say no to networks, turn off networks

The New Security Fundamentals – Kill Your AV

John Strand // AV is Dead Long Live Whitelisting. We have been discovering more and more of our tests bypass AV controls with ease.  We have yet to see any iteration or vendor in the blacklist space who is adequately preventing attacks using simple blacklist solutions.  What needs to be done in this industry is a move towards a whitelisting […]

Read the entire post here

How Compliance Compromises Happen. (Or, The Most Boring Article Title in the History of All the Internet…)

InfoSec 201

How Compliance Compromises Happen. (Or, The Most Boring Article Title in the History of All the Internet…)

John Strand // There have been quite a few articles lately on how compliance standard X or Y is broken.  Unfortunately, this often leads to blaming the nameless and faceless people behind the standards.  It is easy to simply say they are dullards and not fit to be setting any agenda relating to computer security.   While this may be […]

Read the entire post here

Password Spraying & Other Fun with RPCCLIENT

Password Spray, Red Team password spraying, RPCCLINET

Password Spraying & Other Fun with RPCCLIENT

Joff Thyer //   Many of us in the penetration testing community ar​e used to scenarios whereby we land a targeted phishing campaign within a Windows enterprise environment and have that wonderful access into the world of Windows command line networking tools.    You get your shell and before you know it, you are ready to […]

Read the entire post here

Modifying Metasploit x64 template for AV evasion

External/Internal, Red Team AV, AV evasion, modifying measpoilt, shellcode

Modifying Metasploit x64 template for AV evasion

Joff Thyer //   When performing a penetration of test of organizations with Windows desktops, many testers will now resort to using tools like Veil’s Powershell Empire in order to inject shellcode directly into memory.    Without doubt, this is a fantastic technique as it avoids writing to disk and running headlong into a direct hit […]

Read the entire post here

Service Detection – Tomcat Manager, From “Info” to “Ouch”

Red Team, Web App Info2Ouch, Nessus, Vulnerabilities

Service Detection – Tomcat Manager, From “Info” to “Ouch”

Carrie Roberts // Continuing on the thread of highlighting Nessus vulnerability scan results that turned out to be more severe than reported . . . I always review the “Info” level “Service Detection” finding reported by Nessus, particularly any web servers that it lists because there are often blatant security issues hidden in there. This is as […]

Read the entire post here

Asterisk SIP Server, From “Info” to “Ouch”

External/Internal, Password Spray, Red Team Info2Ouch, Nessus, Vulnerabilities

Asterisk SIP Server, From “Info” to “Ouch”

Carrie Roberts // I learned some new stuff that will make me pay attention to “Asterisk Detection” Nessus informational findings in the future . . . On an external network scan, Nessus reported two hosts running Asterisk SIP services as an informational finding.  When entering the IP address in a browser, only a blank page was […]

Read the entire post here

InfoSec 301 Blue Team, Danger Will Robinson, MS15-034, Patch, Purple Team, Red Team, Remote Code Execution

Waiting Is the Hardest Part: A Purple Team’s Take on MS15-034

Mick Douglas // Current Status: – MS15-034 has remote Denial of Service (DoS) – Remote exploit code appears to be ready soon… maybe.  Stay tuned. BLUE TEAM MARCHING ORDERS: – Patch. Now. Please. – Pay *very* careful attention to your IIS logs for systems that are attacking or attempting the DoS.  You are being profiled. […]

Read the entire post here

A Need For A Change – or – Burning Your Money

InfoSec 201, News breach, external breach, internal breach, it security, verizon breach report

A Need For A Change – or – Burning Your Money

Mick Douglas // Take look at this chart from last year’s Verizon Data Breach Report.  It shows who notified the breached party when they were attacked. This graph is a sad indictment for all of us in the information protection industry.  This chart means that only about 1 in 8 times there’s a breach it’s […]

Read the entire post here

«‹ 53 54 55 56 57

Follow Us

Looking For Something?

Subscribe to the BHISblog

Don't get left in the dark! Enter your email address and every time a post goes live you'll get instant notification! We'll also add you to our webcast list, so you won't miss our occasional emails about upcoming events! (We promise, we're not spammy!)

Browse by category

Recent Posts

  • Talkin’ About Infosec News – 1/20/2021
    ORIGINALLY AIRED ON JANUARY 20, 2021 Articles
  • 00507_01152021_WebcastMoveAssideScriptKiddiesWebcast: Move Aside Script Kiddies – Malware Execution in the Age of Advanced Defenses
    A few short years ago, penetration testers did not
  • Talkin’ About Infosec News – 1/13/2021
    Originally aired on January 13, 2021 Articles

Browse by topic

Active Directory ADHD anti-virus Attack Tactics AV Blue Team bypassing AV C2 cloud command and control hardware hacking Hashcat infosec john strand Jordan Drysdale Kent Ickler Linux LLMNR MailSniper Microsoft Nessus Nmap Password cracking password policy passwords password spraying pen-testing penetration testing pentest Pentesting phishing podcast Podcasts PowerShell Python Raymond Felch Red Team red teaming RITA social engineering Sysmon tools webcast webcasts Windows

Archives

Black Hills Information Security

115 W. Hudson St. Spearfish, SD 57783 | 701-484-BHIS
© 2008

Links
Search the site