Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of this is to share just some of the ways Black Hills Information Security bypassed endpoint security in 2018. Unfortunately, these webcasts still seem to be needed because there […]
Podcast: Play in new window | Download
John Strand// Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of this is to share just some of the ways Black Hills Information Security bypassed endpoint security in 2018. Unfortunately, these webcasts still seem to be needed […]
John Strand// It’s time for our annual anti virus bypass extravaganza. See why AV can’t be the end all be all solution to your security framework in 2018! And if you already know that but need to implement it? Invite your team! This is always a lot of fun! Slides available here: https://www.dropbox.com/s/96tkxyn4mif3syi/scct2018-Master.pptx?dl=0
John Strand with BHIS testers // Yes, we did this in 2017, but it’s reflecting work done in 2016.
Carrie Roberts // My current favorite exploit is creating malicious outlook rules as described here. The rule is configured to download an executable file with an EXE extension (.exe) when an email with a certain subject line is received. The executable establishes a command and control (C2) session with the attacker’s server. On a recent […]
