Podcasts

Our content is now available for download so you can listen offline. Check back as we add more episodes.

00424_12112019_PodcastPasswordsWeakestLink

, , , , , , ,

Podcast: Passwords: You Are the Weakest Link

Why are companies still recommending an 8-character password minimum?  Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend 8-character minimum passwords based on outdated data.  Download Slides: https://www.activecountermeasures.com/presentations Originally recorded as a live webcast on December 5th, 2019 Presented by: Darin Roberts & […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

00389_05302019_AttackTacts6

, , , , , , , , , , ,

Podcast: Attack Tactics 6! Return of the Blue Team

Download slides: https://www.activecountermeasures.com/presentations In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!! Originally recorded as a live webcast on May 16th, 2019Presented by: John Strand, Jordan Drysdale, Kent Ickler Join the BHIS Blog Mailing List – get notified when […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

00387_05112019_PODCAST_Weaponizing_Intel

, , , , , , , , , , , , , ,

Podcast: Weaponizing Corporate Intel. This Time, It’s Personal!

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester performs up front. Often times testers only resort to using publicly available tools which can overlook critical assets. Download slides: http://www.activecountermeasures.com/presentations/ In this one-hour BHIS podcast […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

00377_03182019_PODCAST_TrackingAttackers

, , , , , , , , , , , , ,

BHIS PODCAST: Tracking attackers. Why attribution matters and how to do it.

In this BHIS podcast, originally recorded as a live webcast, we cover some new techniques and tactics on how to track attackers via various honey tokens.  We cover how to track with Word Web Bugs in ADHD, and cover the awesome toolkit from Thinkst.  We also cover some of the legal ramifications involved in doing […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

00375_03062019_PODCAST_EndpointSecurityGotYouDown

, , , , , , , , , , , , , ,

BHIS PODCAST: Endpoint Security Got You Down? No PowerShell? No Problem.

Do your PowerShell scripts keep getting caught? Tired of dealing with EDRs & Windows Defender every time you need to pop a box?  In this one-hour podcast, originally recorded as a live webcast, we introduce a somewhat new Red Team approach that we call BYOI (Bring Your Own Interpreter). Download slides: https://www.activecountermeasures.com/presentations/ Turns out, by […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

00373_02272019_PODCAST_BlockchainAndYou

, , , , , , , , ,

BHIS Podcast: Blockchain and You! InfoSec Edition

Take a good look at Bitcoin right now… these are the unlucky ones. These are the unfortunate souls who jumped on another overinflated balloon. But, does this Bitcoin crash completely undermine all blockchain technologies? Since Bitcoin is crashing and burning we figured it would be a good time to have a webcast on blockchain security […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

Sacred Cash Cow Tipping 2019 Podcast

, , , , ,

PODCAST: Sacred Cash Cow Tipping 2019

Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of this is to share just some of the ways Black Hills Information Security bypassed endpoint security in 2018. Unfortunately, these webcasts still seem to be needed because there […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

beau and mike RDP

, , , ,

PODCAST: RDP Logging Bypass and Azure Active Directory Recon

For this podcast we cover a couple of different topics. First, we talk about how to password spray in a non-attributable sort of way. Beau found a way to obfuscate what RDP logs record with launching password spraying attacks. This has implications for UBEA. It is… kind of cool. Second, we cover how to do […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

tools podcast

, , ,

PODCAST: BHIS Sorta Top Used Tools of 2018

In this webcast we cover some of the core tools we use all the time at Black Hills Information Security. However, there’s a twist. We don’t talk about Nessus, Nmap, or Metasploit. Why? Because there are a ton of new (and older) tools we use that fall outside of the standard tools you see in […]

Podcast: Play in new window | Download

Subscribe: Android | RSS

Read the entire post here

1 2 3