Dakota Nelson // Unknown Unknowns: So you’ve been pentested. Congrats! It might not feel like it, but this will eventually leave you more confident about your security, not less. The real question is – why might it not feel like it? Pentest findings can be broken down many ways, of course – the obvious one […]
Ray Felch // SOFTWARE DEFINED RADIO: RF Signal Replay Techniques Disclaimer: Be sure to use a faraday bag or cage before transmitting any data so you don’t accidentally break any laws by illegally transmitting on regulated frequencies. Additionally, intercepting and decrypting someone else’s data is illegal, so be careful when researching your traffic. Preface: Recently, […]
Why are companies still recommending an 8-character password minimum? Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend 8-character minimum passwords based on outdated data. Download Slides: https://www.activecountermeasures.com/presentations Originally recorded as a live webcast on December 5th, 2019 Presented by: Darin Roberts & […]
Podcast: Play in new window | Download
Want to learn how attackers bypass endpoint products? Download slides: https://www.activecountermeasures.com/presentations/ 3:41 – Alternate Interpreters 9:19 – Carbon Black Config Issue 15:07 – Cisco AMP EDR – Quick and Easy Bypass 18:24 – PowerShell AMSI Bypass – Rhino 19:07 – CylancePROTECT Bypass 24:14 – Windows Defender and Carbon Black Bypass 30:36 – Windows Subsystem for Linux […]
Podcast: Play in new window | Download
BHIS’ Defensery Driven Duo Delivers Another Delectable Transmission! We know you are worried about your networks. After hours of discussion, we’ve come to the realization that some of our dedicated followers seem to be much more interested in catching malware than learning how to be (please forgive this next statement) “l33t hax0rs.” Download slides: https://www.activecountermeasures.com/presentations/ […]
Podcast: Play in new window | Download
Michael Allen // Every year around the holidays I end up having a conversation with at least one friend or family member about the importance of choosing unique passwords for each web site or service they use. Usually, it’s after they’ve received a phone or a camera or some other “smart” device for Christmas and […]
Dakota Nelson // ‘Twas the week before HackmasAnd all through their housesNot a tester was workingNor moving their mouses The findings were listed in reports with careIn hopes that bugfixes would soon be thereThe hackers were nestled all snug in their chairsWhile bitstreams of 0day flowed through twisted pairs And Heather on her treadmill desk, […]
Why are companies still recommending an 8-character password minimum? Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend 8-character minimum passwords based on outdated data. Download Slides: https://www.activecountermeasures.com/presentations 3:26 – In The Beginning 4:23 – What The Experts Say: PCI 5:55 – What The Experts Say: […]
Podcast: Play in new window | Download
Justin Angel // Penetration testing and red team engagements often require operators to collect user information from various sources that can then be translated into inputs to support social engineering and password attacks. LinkedIn is obviously a prime source for this type of information since users can associate themselves with a particular company. Assuming we […]
