What You Should Actually Learn From a Pentest Report
Dakota Nelson // Unknown Unknowns: So you’ve been pentested. Congrats! It might not feel like it, but this will eventually leave you more confident about your security, not less. The […]
Dakota Nelson // Unknown Unknowns: So you’ve been pentested. Congrats! It might not feel like it, but this will eventually leave you more confident about your security, not less. The […]
Ray Felch // SOFTWARE DEFINED RADIO: RF Signal Replay Techniques Disclaimer: Be sure to use a faraday bag or cage before transmitting any data so you don’t accidentally break any […]
Why are companies still recommending an 8-character password minimum? Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
Want to learn how attackers bypass endpoint products? Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_SacredCashCowTipping2020.pdf 3:41 – Alternate Interpreters 9:19 – Carbon Black Config Issue 15:07 – Cisco […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
BHIS’ Defensery Driven Duo Delivers Another Delectable Transmission! We know you are worried about your networks. After hours of discussion, we’ve come to the realization that some of our dedicated […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
Michael Allen // Every year around the holidays I end up having a conversation with at least one friend or family member about the importance of choosing unique passwords for […]
Dakota Nelson // ‘Twas the week before HackmasAnd all through their housesNot a tester was workingNor moving their mouses The findings were listed in reports with careIn hopes that bugfixes […]
Why are companies still recommending an 8-character password minimum? Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
Justin Angel // Penetration testing and red team engagements often require operators to collect user information from various sources that can then be translated into inputs to support social engineering […]