Sacred Cash Cow Tipping

General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Podcasts, Webcasts carbonblack, Cisco, Cylance Bypass, john strand, PowerShell, Sacred Cash Cow Tipping, webcasts, Windows Defender

Webcast: Sacred Cash Cow Tipping 2020

Want to learn how attackers bypass endpoint products? Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_SacredCashCowTipping2020.pdf 3:41 – Alternate Interpreters 9:19 – Carbon Black Config Issue 15:07 – Cisco AMP EDR – Quick and Easy Bypass 18:24 – PowerShell AMSI Bypass – Rhino 19:07 – CylancePROTECT Bypass 24:14 – Windows Defender and Carbon Black Bypass […]

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

Podcasts, Red Team anti-virus, endpoint security, how to bypass Anti Virus, Podcasts, Sacred Cash Cow Tipping

PODCAST: Sacred Cash Cow Tipping 2019

Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of this is to share just some of the ways Black Hills Information Security bypassed endpoint security in 2018. Unfortunately, these webcasts still seem to be needed because there […]

Podcast: Play in new window | Download

Subscribe: RSS

Read the entire post here

Red Team, Webcasts anti-virus, carbonblack, endpoint security, how to bypass Anti Virus, pen-testing, penetration testing, Red Team, Sacred Cash Cow Tipping

Webcast: Sacred Cash Cow Tipping 2019

John Strand // Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of this is to share just some of the ways Black Hills Information Security bypassed endpoint security in 2018. Unfortunately, these webcasts still seem to be […]

Read the entire post here

Webcasts AV, AV bypass, bypassing AV, Sacred Cash Cow Tipping, webcasts

WEBCAST: Sacred Cash Cow Tipping 2018

John Strand// It’s time for our annual anti virus bypass extravaganza. See why AV can’t be the end all be all solution to your security framework in 2018! And if you already know that but need to implement it? Invite your team! This is always a lot of fun! Slides available here: https://www.dropbox.com/s/96tkxyn4mif3syi/scct2018-Master.pptx?dl=0 Join the BHIS […]

Read the entire post here

Red Team, Webcasts bypassing AV, Sacred Cash Cow Tipping

WEBCAST: Sacred Cash Cow Tipping 2016

John Strand with BHIS testers // Yes, we did this in 2017, but it’s reflecting work done in 2016.

Read the entire post here

C2, Red Team exploit, malicious outlook rules, Outlook, Sacred Cash Cow Tipping

Malicious Outlook Rule without an EXE

Carrie Roberts // My current favorite exploit is creating malicious outlook rules as described here. The rule is configured to download an executable file with an EXE extension (.exe) when an email with a certain subject line is received. The executable establishes a command and control (C2) session with the attacker’s server. On a recent […]

Read the entire post here