Informational

Informational bad passwords, long passwords, password policy, passwords

An Open Letter about Big All-Powerful Company’s Password Policy

Kelsey Bellew // Dear Big All-Powerful Company, Your idea of a ‘strong password’ is flawed. When I first saw the following message, I laughed. I said out loud, “No, you […]

Read the entire post here

Informational Nessus, pentest, Pentesting, Vulnerability Scanning, vulnerability scans

What to Expect from a Vulnerability Scan

Dakota Nelson// For a lot of our customers, their first introduction to pentesting is a vulnerability scan from BHIS. This is after talking to the testers, of course, and setting […]

Read the entire post here

Fun & Games, Informational, Physical Keysy, Physical Pentest, Physical Pentesting, RFID, tools

New Toy Alert: A Quick Review of Keysy

Rick Wisser// Here at BHIS we are always on the lookout for new toys. Especially if we can use them during a pentest. As a pentester, we all have a […]

Read the entire post here

Bitcoin cryptocurrency digital money concept. Robot professor explains electronic mining cash financial system. Classroom interior with handwritten quote chalkboard. Green pink colorful background

Author, Beau Bullock, How-To, Informational Bitcoin, cryptocurrencies, Cryptocurrency, cryptocurrency wallet

Intro to Cryptocurrency and How to Secure Your Coins

Beau Bullock// Overview This blog post is meant to serve as a basic introduction to the world of cryptocurrencies. With cryptocurrencies making their way into mainstream news outlets I am […]

Read the entire post here

Black Vintage clock with red watch at ten o'clock on wooden background

Author, Brian Fehrman, General InfoSec Tips & Tricks, Informational external engagement, Lync, Lync server

PSA: It’s 10PM, Do You Know Where Your Lync Servers Are?

Brian Fehrman// Microsoft Lync servers have been a staple of my external engagements for the past six months or so. I have found a Lync server on all of those […]

Read the entire post here

Author, How-To, Informational, InfoSec 101, Jordan Drysdale INFOSEC 301 CRITICAL CONTROLS, it security, Jordan Drysdale, Small Business

Small and Medium Business Security Strategies: Part 3

Jordan Drysdale // Blurb: A few of us have discussed the stress that small and medium business proprietors and operators feel these days. We want to help stress you out […]

Read the entire post here

Author, Brian Fehrman, How-To, Informational, InfoSec 101 Application Whitelisting Software, AWS, PowerShell

PowerShell w/o PowerShell Simplified

Brian Fehrman // In a previous post, titled PowerShell without PowerShell, we showed you how you can bypass Application Whitelisting Software (AWS), PowerShell restrictions/monitoring, and Command Prompt restrictions. In some […]

Read the entire post here

Author, How-To, Informational, Jordan Drysdale Digital Ocean, Jordan Drysdale, SANS SEC504, vsagent

504 VSAgent Usage Instructions

Jordan Drysdale// HERE IT IS! Finally! For the vsagent from SANS SEC504 (only the finest InfoSec course the world has ever seen!): this is a Q&D deployment guide for the […]

Read the entire post here

00275_02202018_WhenInfosecAndWeedCollide

Author, Brian King, Informational, News, Web App audit, authentication, government, legal, ohio, potheads, webapp, webapp test

When Infosec and Weed Collide: Handling Administrative Actions Safely

BB King//* The state of Ohio recently validated a webapp pentest finding that sometimes goes overlooked. It relates to the details of administrative functions, how they can be abused, and […]

Read the entire post here

«‹ 49 50 51 52