Poking Holes in the Firewall: Egress Testing With AllPorts.Exposed
Beau Bullock // If you have been even remotely in touch with technology in the past thirty years you have probably heard of this thing called a “firewall”. If not, […]
Three Minutes with the HTTP TRACE Method
Brian King // All of our scanning tools tell us that we should disable the HTTP TRACE and TRACK methods. And we all think that’s because there’s something an attacker […]
Click to Enable Content
Sally Vandeven // Evading anti-virus scanners has become a bit of a sport around BHIS. When we do C2 testing for our customers we start with a host on the […]
Information Security Glossary – v2
Original by Bob Covello, CISSP / Modified with permission by BHIS // Note: This glossary was started to answer questions related to information security. It will be updated as required. […]
Passphrases for Tiny People
Gail Menius // Once upon a time, in a land not too far away (about two miles from where I’m sitting now) I used to be an elementary school librarian. […]
Risky Business
Mike Perez // At BHIS, a few of our customers have come to us very recently with the “risk du jour”; no, not the Cash for Creds program Beau highlighted but […]
Incidence Response
Darin Roberts // According to the Identity Theft Resource Center, there were 781 data breaches tracked in 2015. That is, on average, over 2 per day. And that represents only […]
How to Secure Your Home Network
Katherine MacMillan // Something interesting happened last week. A programmer by the name of Matthew Garrett gained access to the lighting and window controls to nearly every room of a […]
Public Wi-Fi Insecurity – Part Deux, For Compliance Sakes
Jordan Drysdale // (See Jordan’s Part 1 of this post here.) PCI-DSS strolled into town with the latest compliance package of minutiae laden IT speak at the end of last year. […]