Jordan Drysdale // Summary! There are tons of security event management (SIEM) solutions available these days, but this blog will focus on Microsoft Sentinel. Sentinel is easy to deploy, logs are inexpensive to retain, the platform is powerful, and even massive data queries are insanely responsive. Attribution is fun, and scary too! Have you ever […]
Have you heard of Backdoors & Breaches, or even have a deck of your own, and yet… still don’t know how to use it? We created an incident response card game that helps you and your organization conduct engaging and effective tabletop exercises. Watch us demo the game and play through the free online version […]
Joff Thyer // I woke up this Monday morning thinking that it’s about time I spent time looking at my Domain Name Service (DNS) configuration in my network. (This thought also emanated from watching many discussions and participating in conversations with Paul Vixie at Wild West Hackin’ Fest in Reno, Nevada 2021.) To put this […]
Ray Felch // This write-up is the first of a multi-part series, providing an introduction to LoRa wireless technology and the LoRaWAN, low-power wide-area network (LPWAN). Interestingly, I came across this technology while researching a GPS tracking project that I was working on and quickly determined that this technology might be a viable alternative to […]
Kent Ickler // Background Over four years ago now, I wrote a blog post on fixing missing Content-Security-Policy by updating configuration on webservers: https://www.blackhillsinfosec.com/fix-missing-content-security-policy-website/. Content-Security-Policies instruct a user’s web browser how it should behave on certain security considerations. Oh, how times have changed. Here at Black Hills Information Security (BHIS), we’ve actually migrated webservers, hosting […]
Podcast: Play in new window | Download
Subscribe: RSS
Max Boehner & Noah Heckman // Introduction As 2020 sent us all into our homes social distancing, the demand for online messaging saw a huge spike in an effort for people to stay in contact with each other. In some cases, even entire social events (like conferences and club meetings) were ported to platforms such as Discord and Slack to increase biological security, while […]
Have you ever seen a call for papers for a conference and thought to yourself that you’d like to submit a talk and then immediately thought, oh never mind? Have you ever been asked to present internally at your organization and immediately recommended someone else to do it? Was it because you didn’t know how […]
Podcast: Play in new window | Download
Subscribe: RSS
Kent Ickler // Because, you know—that should be a thing. TL;DR: Don’t run the Unifi Controller on a laptop in the closet. BACKGROUND Ubiquiti’s Unifi controller is a network device, or software service, that controls Ubiquiti’s Unifi line of devices. Unifi is a brand of devices that, well, unify together to make a better user experience for network users and system admins in the […]
In this Black Hills Information Security (BHIS) webcast, we explore using GoLang to author malware with embedded shellcode. GoLang is a Google-authored modern successor language to C/C++. It is multi-platform, high performance, multi-threaded, and unlike C/C++ includes garbage collection! It has the advantage of compiling to native machine code, unlike .NET C# which is dependent […]
Podcast: Play in new window | Download
Subscribe: RSS
