Machine-in-the-Middle (MitM) BLE Attack
Ray Felch // Introduction Continuing with my ongoing Smart Lock attack research (see blog Reverse Engineering a Smart Lock), I decided to move my focus to a different type of […]
How-To
Webcast: The SOC Age Or, A Young SOC Analyst’s Illustrated Primer
Many people get started in security as a Security Operations Center (SOC) analyst. In this Black Hills Information Security (BHIS) webcast we discuss the core skills that a SOC analyst […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
How to Install Mitre CALDERA and Configure Your SSL Certificate
Carrie & Darin Roberts // If you would like to install the Mitre CALDERA server on your own, the CALDERA GitHub page has installation instructions on their ReadMe here. Detailed […]
Webcast: Infosec Mentoring | How to Find and Be a Mentor & Mentee
They say it “takes a village” to help raise a child… well, it also takes a village to help raise an infosec professional. With so many technologies, techniques, and tools […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
Exploiting MFA Inconsistencies on Microsoft Services
Beau Bullock // Overview On offensive engagements, such as penetration tests and red team assessments, I have been seeing inconsistencies in how MFA is applied to the various Microsoft services. […]
Reverse Engineering a Smart Lock
Ray Felch // INTRODUCTION Recently I was afforded the opportunity to research the findings of a well-known security firm (F-Secure), who had discovered a vulnerability in the Guardtec KeyWe Smart […]
Webcast: Pretty Little Python Secrets – Episode 1 – Installing Python Tools and Libraries the Right Way
Have you ever installed a Python tool / library only to then find out other Python based tools you’ve installed previously are now completely broken? Running Kali? Ever try installing […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
Webcast: What to Expect When You’re Expecting a Penetration Test
CJ and Bryan will share the knowledge they’ve accumulated, by helping 1,000’s of organizations determine what they need and don’t need when it comes to penetration tests and security assessments, […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
How SPF, DKIM, and DMARC Authentication Works to Increase Inbox Penetration (Testing) Rates
Kent Ickler // TL;DR Want a quick fix? Almost every marketing platform we’ve seen has decent tutorials on authorizing outbound email with SPF and DKIM authorization. If you’re a marketing […]