PODCAST

Author Archives - Black Hills Information Security, Inc.

news tech news

All Episodes

Opt for TOTP to Deal With MFA App Sprawl

Author Archives - Black Hills Information Security, Inc. ·

2023/10/26

| Sean Verity Do you have a bunch of MFA apps on your phone that leave you feeling like you can’t put your arms down? Or maybe all those MFA […] The post Opt for TOTP to Deal With MFA App Sprawl appeared first on Black Hills Information Security.

en-US

Introducing GraphRunner: A Post-Exploitation Toolset...

Author Archives - Black Hills Information Security, Inc. ·

2023/10/19

By Beau Bullock & Steve Borosh TL;DR We built a post-compromise toolset called GraphRunner for interacting with the Microsoft Graph API. It provides various tools for performing reconnaissance, persistence, and […] The post Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365 appeared first on Black Hills Information Security.

en-US

Abusing Active Directory Certificate Services – Part 2

Author Archives - Black Hills Information Security, Inc. ·

2023/10/12

| Alyssa Snow Misconfigurations in Active Directory Certificate Services (ADCS) can introduce critical vulnerabilities into an Enterprise Active Directory environment, such as paths of escalation from low privileged accounts to […] The post Abusing Active Directory Certificate Services – Part 2 appeared first on Black Hills Information Security.

en-US

Abusing Active Directory Certificate Services – Part One

Author Archives - Black Hills Information Security, Inc. ·

2023/10/05

| Alyssa Snow Active Directory Certificate Services (ADCS)1 is used for public key infrastructure in an Active Directory environment. ADCS is widely used in enterprise Active Directory environments for managing […] The post Abusing Active Directory Certificate Services – Part One appeared first on Black Hills Information Security.

en-US

Stop Phishing Yourself: How Auto-Forwarding and...

Author Archives - Black Hills Information Security, Inc. ·

2023/09/21

Hayden Covington // Phishing is an ever-present threat, but lately, user education and spam filters have helped mitigate some of that threat. But what happens when a phish makes it […] The post Stop Phishing Yourself: How Auto-Forwarding and Exchange Contacts Can Stab You in the Back appeared first on Black Hills Information Security.

en-US

Wrangling the M365 UAL with SOF-ELK and CSV Data...

Author Archives - Black Hills Information Security, Inc. ·

2023/09/07

Patterson Cake // PART 1 PART 2 In part one of “Wrangling the M365 UAL,” we talked about acquiring, parsing, and querying UAL data using PowerShell and SOF-ELK. In part […] The post Wrangling the M365 UAL with SOF-ELK and CSV Data (Part 3 of 3) appeared first on Black Hills Information Security.

en-US

Wrangling the M365 UAL with SOF-ELK on EC2 (Part 2 of 3)

Author Archives - Black Hills Information Security, Inc. ·

2023/08/24

Patterson Cake // In PART 1 of “Wrangling the M365 UAL,” we talked about the value of the Unified Audit Log (UAL), some of the challenges associated with acquisition, parsing, […] The post Wrangling the M365 UAL with SOF-ELK on EC2 (Part 2 of 3) appeared first on Black Hills Information Security.

en-US

Wrangling the M365 UAL with PowerShell and SOF-ELK...

Author Archives - Black Hills Information Security, Inc. ·

2023/08/10

Patterson Cake // When it comes to M365 audit and investigation, the “Unified Audit Log” (UAL) is your friend. It can be surly, obstinate, and wholly inadequate, but your friend […] The post Wrangling the M365 UAL with PowerShell and SOF-ELK (Part 1 of 3) appeared first on Black Hills Information Security.

en-US

Welcome to Shark Week: A Guide for Getting Started...

Author Archives - Black Hills Information Security, Inc. ·

2023/07/27

Troy Wojewoda // In honor of Shark Week1, I decided to write this blog to demonstrate various techniques I’ve found useful when analyzing network traffic with Wireshark, as well as […] The post Welcome to Shark Week: A Guide for Getting Started with Wireshark and TShark appeared first on Black Hills Information Security.

en-US

Shenetworks’ Guide to Landing Your First Tech Job

Author Archives - Black Hills Information Security, Inc. ·

2023/07/20

Serena DiPenti // Buckle up for this one because I’m about to give you A LOT of information. As someone who works in tech and creates tech content, I am […] The post Shenetworks’ Guide to Landing Your First Tech Job appeared first on Black Hills Information Security.

en-US

Evasive File Smuggling with Skyhook

Author Archives - Black Hills Information Security, Inc. ·

2023/06/15

ImposterKeanu // Introduction This blog post introduces the reader to “The Obfuscation Hustle”, a term I enjoy using to describe the tedious process of obfuscating and delivering files to corporate […] The post Evasive File Smuggling with Skyhook appeared first on Black Hills Information Security.

en-US

Why Do Car Dealers Need Cybersecurity Services?

Author Archives - Black Hills Information Security, Inc. ·

2023/06/08

Tom Smith // At Black Hills Information Security (BHIS), we deal with all manner of clients, public and private. Until a month or two ago, though, we’d never dealt with […] The post Why Do Car Dealers Need Cybersecurity Services? appeared first on Black Hills Information Security.

en-US

Shenetworks Recommends: Using Nmap Like a Pro

Author Archives - Black Hills Information Security, Inc. ·

2023/06/05

shenetworks // One day at work I received a case stating a client couldn’t connect to the management interface of a new server. I asked the client to change the […] The post Shenetworks Recommends: Using Nmap Like a Pro appeared first on Black Hills Information Security.

en-US

Six Tips for Managing Penetration Test Data

Author Archives - Black Hills Information Security, Inc. ·

2023/05/25

John Malone // Introduction Information is power. This sentiment also holds true when discussing the creation of a supporting archive. A supporting archive is something that we put together to […] The post Six Tips for Managing Penetration Test Data appeared first on Black Hills Information Security.

en-US

Dynamic Device Code Phishing

Author Archives - Black Hills Information Security, Inc. ·

2023/05/16

rvrsh3ll // Introduction This blog post is intended to give a light overview of device codes, access tokens, and refresh tokens. Here, I focus on the technical how-to for standing […] The post Dynamic Device Code Phishing appeared first on Black Hills Information Security.

en-US

Auditd Field Spoofing: Now You Auditd Me, Now You...

Author Archives - Black Hills Information Security, Inc. ·

2023/05/11

moth // Introduction One fateful night in June of 2022, Ethan sent a message to the crew: “Anyone know ways to fool Auditd on Linux? I’m trying to figure out how to change the auid (audit […] The post Auditd Field Spoofing: Now You Auditd Me, Now You Auditdon’t appeared first on Black Hills Information Security.

en-US

If You Don’t Ruse, You Lose: A Simple Guide to...

Author Archives - Black Hills Information Security, Inc. ·

2023/04/20

Joseph Kingstone // Are you assigned a physical penetration test and want to fly under the radar and meet all of your objectives like the elite hacker you are? Stick around […] The post If You Don’t Ruse, You Lose: A Simple Guide to Blending in While Breaking In appeared first on Black Hills Information Security.

en-US

Shenetworks Recommends: 9 Must Watch BHIS YouTube Videos

Author Archives - Black Hills Information Security, Inc. ·

2023/04/13

shenetworks // The Black Hills Information Security YouTube channel has over 400 videos available. Over the past year, I have attended many webcasts and explored plenty of the videos. I […] The post Shenetworks Recommends: 9 Must Watch BHIS YouTube Videos appeared first on Black Hills Information Security.

en-US

Field Guide to the Android Manifest File

Author Archives - Black Hills Information Security, Inc. ·

2023/04/06

kassie@blackhillsinfosec.com The post Field Guide to the Android Manifest File appeared first on Black Hills Information Security.

en-US

Got Enough Monitors?

Author Archives - Black Hills Information Security, Inc. ·

2023/03/28

Carrie Roberts // Guest Blog OK, I admit it: I might have a problem. But seriously, can you ever really have enough screen space? In this blog post, I’ll describe […] The post Got Enough Monitors? appeared first on Black Hills Information Security.

en-US

473 results

Author Archives - Black Hills Information Security, Inc.

All Episodes

Similar Podcasts

Expres Ráno

Expres FM

PBS News Hour - Full Show

PBS News

CD Voice

China Daily

Israel Today: Ongoing War Report

Noa Levi

Jeffrey Epstein: The Coverup Chronicles

Bobby Capucci