InfoSec 101

General InfoSec Tips & Tricks, Informational, InfoSec 101 advice, infosec, infosec 101

What I Wish I Would Have Known

Bre Schumacher// Many of you were probably asked as a young child what you wanted to be when you grew up. Maybe you had an idea of something that sounded […]

Read the entire post here

Author, Blue Team, How-To, Informational, InfoSec 101, Jordan Drysdale Critical Controls, Jordan Drysdale, Medium Business, Security Stratigies, Small Business, Vulnerability Management

Small and Medium Business Security Strategies: Part 4

Jordan Drysdale// tl;dr Vulnerability management is a part of doing business and operating on the public internet these days. Include training as part of this Critical Control. Users should be […]

Read the entire post here

C2, External/Internal, General InfoSec Tips & Tricks, How-To, InfoSec 201, InfoSec 301, Red Team, Red Team Tools, Social Engineering C2, C2 Infrastructure, C2K, command and control, Digital Ocean

How to Build a Command & Control Infrastructure with Digital Ocean: C2K Revamped

Lee Kagan* // Expanding upon the previous post in this series, I decided to rewrite C2K (find it here) to change its behavior and options for the user. In this […]

Read the entire post here

Author, Brian Fehrman, General InfoSec Tips & Tricks, Informational external engagement, Lync, Lync server

PSA: It’s 10PM, Do You Know Where Your Lync Servers Are?

Brian Fehrman// Microsoft Lync servers have been a staple of my external engagements for the past six months or so. I have found a Lync server on all of those […]

Read the entire post here

Author, How-To, Informational, InfoSec 101, Jordan Drysdale INFOSEC 301 CRITICAL CONTROLS, it security, Jordan Drysdale, Small Business

Small and Medium Business Security Strategies: Part 3

Jordan Drysdale // Blurb: A few of us have discussed the stress that small and medium business proprietors and operators feel these days. We want to help stress you out […]

Read the entire post here

How-To, InfoSec 101 c-level, c-Suite, information security, infosec, infosec 101

How to Build a Better Relationship With Your C-level Regarding Information Security

Josh Thomas // Editor’s Note: Recently on Twitter, we asked our followers “What’s the hardest thing to get your C-level to understand regarding security?” The answers came in like a roaring […]

Read the entire post here

Author, Brian Fehrman, How-To, Informational, InfoSec 101 Application Whitelisting Software, AWS, PowerShell

PowerShell w/o PowerShell Simplified

Brian Fehrman // In a previous post, titled PowerShell without PowerShell, we showed you how you can bypass Application Whitelisting Software (AWS), PowerShell restrictions/monitoring, and Command Prompt restrictions. In some […]

Read the entire post here

Author, Brian King, Informational, News, Web App audit, authentication, government, legal, ohio, potheads, webapp, webapp test

When Infosec and Weed Collide: Handling Administrative Actions Safely

BB King//* The state of Ohio recently validated a webapp pentest finding that sometimes goes overlooked. It relates to the details of administrative functions, how they can be abused, and […]

Read the entire post here

Author, InfoSec 201, John Strand, News, Webcasts ACDC, ACDC Active Defense Law, Active Defense, webcast

WEBCAST: Proper Active Defense and the New ACDC Active Defense Law

John Strand// In this webcast John talks about the new ACDC law and what it means exactly. There has been quite a bit of anger and great GIFs about hacking […]

Read the entire post here