Rogue RDP – Revisiting Initial Access Methods
Mike Felch // The Hunt for Initial Access With the default disablement of VBA macros originating from the internet, Microsoft may be pitching a curveball to threat actors and red […]
Search Results for: RITA
The DNS over HTTPS (DoH) Mess
Joff Thyer // I woke up this Monday morning thinking that it’s about time I spent time looking at my Domain Name Service (DNS) configuration in my network. (This thought […]
PROMPT# Issue: Choose Wisely
If you’d like to receive the Zine in print format or if you have feedback or comments for the team, scan the QR code and fill out the form below! […]
Webcast: No SPAN Port? No Tap? No Problem!
We’ve been having a problem with people that want to play with Security Onion or RITA at home. If a home router does not have a mirror port it can […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
RFID Proximity Cloning Attacks
Ray Felch // Introduction While packing up my KeyWe Smart Lock accessories, and after wrapping up my research and two previous blogs “Reverse Engineering a Smart Lock” and “Machine-in-the-Middle BLE […]
How to Install Mitre CALDERA and Configure Your SSL Certificate
Carrie & Darin Roberts // If you would like to install the Mitre CALDERA server on your own, the CALDERA GitHub page has installation instructions on their ReadMe here. Detailed […]
How SPF, DKIM, and DMARC Authentication Works to Increase Inbox Penetration (Testing) Rates
Kent Ickler // TL;DR Want a quick fix? Almost every marketing platform we’ve seen has decent tutorials on authorizing outbound email with SPF and DKIM authorization. If you’re a marketing […]
Webcast: Durable vs. Ephemeral Threat Intel
In this Black Hills Information Security webcast John breakdowns why he hates threat intelligence… Again… But, he breaks down some of the cool new projects that are focusing on durable […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
Backdoors & Breaches: Logon Scripts
David Fletcher // This blog post discusses the relevance and techniques involved in logon script abuse. While the Backdoors & Breaches card is featured for this topic, the post will […]