PODCAST

Author Archives - Black Hills Information Security, Inc.

news tech news

All Episodes

Ssh… Don’t Tell Them I Am Not HTTPS: How Attackers...

Author Archives - Black Hills Information Security, Inc. ·

2023/03/21

Derek Banks // Living Off the Land Binaries, Scripts, and Libraries, known as LOLBins or LOLBAS, are legitimate components of an operating system that threat actors can use to achieve […] The post Ssh… Don’t Tell Them I Am Not HTTPS: How Attackers Use SSH.exe as a Backdoor Into Your Network appeared first on Black Hills Information Security.

en-US

Your Browser is Not a Safe Space

Author Archives - Black Hills Information Security, Inc. ·

2023/03/14

Corey Ham // Tl;dr Use a password manager instead of browser storage for passwords, credit card numbers, and other autofill items. Personal security: Do not save anything sensitive in […] The post Your Browser is Not a Safe Space appeared first on Black Hills Information Security.

en-US

Parsing Sysmon Logs on Microsoft Sentinel

Author Archives - Black Hills Information Security, Inc. ·

2023/03/07

Jordan Drysdale // Tl;dr: Many parsers have been written and several are referenced here. This blog describes a simple parser for Sysmon logs through Event ID (EID) 28 for Microsoft […] The post Parsing Sysmon Logs on Microsoft Sentinel appeared first on Black Hills Information Security.

en-US

Hit the Ground Running with Prototype Pollution

Author Archives - Black Hills Information Security, Inc. ·

2023/02/28

Isaac Burton // For as long as we have known about prototype pollution vulnerabilities, there has been confusion on what they are and how they can be exploited. We’re going […] The post Hit the Ground Running with Prototype Pollution appeared first on Black Hills Information Security.

en-US

Forwarding Traffic Through SSH

Author Archives - Black Hills Information Security, Inc. ·

2023/02/23

Fernando Panizza // This was meant to be an OpenSSH how-to blog, but since I had time, I decided to read the man pages (manual pages that you can access […] The post Forwarding Traffic Through SSH appeared first on Black Hills Information Security.

en-US

Tales From the Pick: Intro to Physical Security Tools

Author Archives - Black Hills Information Security, Inc. ·

2023/02/21

Joseph Kingstone // Looking to get into physical security? Not sure what you need to get started? Look no further. What are Physical Security Assessments? Physical security assessments evaluate an […] The post Tales From the Pick: Intro to Physical Security Tools appeared first on Black Hills Information Security.

en-US

Gowitness, a Tester’s Time Saver

Author Archives - Black Hills Information Security, Inc. ·

2023/02/16

Alyssa Snow // During an external or internal network penetration test, it can be challenging to comb through each web server in scope to find the juicy stuff. During a […] The post Gowitness, a Tester’s Time Saver appeared first on Black Hills Information Security.

en-US

MITM6 Strikes Again: The Dark Side of IPv6

Author Archives - Black Hills Information Security, Inc. ·

2023/02/14

Dale Hobbs // As the world becomes increasingly connected through the internet, cyber attacks have become more sophisticated and prevalent. One type of attack that you may not have heard […] The post MITM6 Strikes Again: The Dark Side of IPv6 appeared first on Black Hills Information Security.

en-US

Exploit Development – A Sincere Form of Flattery

Author Archives - Black Hills Information Security, Inc. ·

2023/02/09

moth // Recently, BHIS penetration tester Dale Hobbs was on an Internal Network Penetration Test and came across an RPC-based arbitrary command execution vulnerability in his vulnerability scan results. I […] The post Exploit Development – A Sincere Form of Flattery appeared first on Black Hills Information Security.

en-US

Who’s Bootin’? Dissecting the Master Boot Record

Author Archives - Black Hills Information Security, Inc. ·

2023/02/07

Hal Denton // Have you ever been given an encrypted hard drive to perform forensic analysis on? What could go wrong? Probably the first thought rolling through your mind is […] The post Who’s Bootin’? Dissecting the Master Boot Record appeared first on Black Hills Information Security.

en-US

How to Build a Pentest Robot With Selenium IDE

Author Archives - Black Hills Information Security, Inc. ·

2023/02/02

Have you ever been on a pentest and thought to yourself, “I wish I had a robot to do this testing for me right now cuz this is just too much work”? The post How to Build a Pentest Robot With Selenium IDE appeared first on Black Hills Information Security.

en-US

PNPT: Certification Review

Author Archives - Black Hills Information Security, Inc. ·

2023/01/31

Daniel Pizarro // What is the PNPT? The Practical Network Penetration Tester (PNPT), created by TCM Security (TCMS), is a 5-day ethical hacking certification exam that assesses a pentester’s ability […] The post PNPT: Certification Review appeared first on Black Hills Information Security.

en-US

Forward into 2023: Browser and O/S Security Features

Author Archives - Black Hills Information Security, Inc. ·

2023/01/18

Joff Thyer // Introduction We have already arrived at the end of 2022; wow, that was fast. As with any industry or aspect of life, we find ourselves peering into […] The post <strong>Forward into 2023: Browser and O/S Security Features</strong> appeared first on Black Hills Information Security.

en-US

SNMP… Strings Attached!

Author Archives - Black Hills Information Security, Inc. ·

2022/12/21

Dale Hobbs // One thing that I almost always find when performing an internal network penetration test is Simple Network Management Protocol (SNMP) configured with default community strings. Simple Network […] The post SNMP… Strings Attached! appeared first on Black Hills Information Security.

en-US

PlumHound Reporting Engine for BloodHoundAD

Author Archives - Black Hills Information Security, Inc. ·

2022/12/06

Kent Ickler // It’s been over two years since Jordan and I talked about a Blue Team’s perspective on Red Team tools. A Blue Team’s Perspective on Red Team Hack […] The post PlumHound Reporting Engine for BloodHoundAD appeared first on Black Hills Information Security.

en-US

New PowerShell History Defense Evasion Technique

Author Archives - Black Hills Information Security, Inc. ·

2022/11/29

Carrie Roberts // PowerShell incorporates the handy feature of writing commands executed to a file to make them easy to refer back to later. This functionality is provided by the […] The post New PowerShell History Defense Evasion Technique appeared first on Black Hills Information Security.

en-US

Webcast: Pentester Tactics, Techniques, and...

Author Archives - Black Hills Information Security, Inc. ·

2022/11/04

Penetration Testing is often considered a dark art that’s shrouded in mystery. This unfortunate perception can hold back organizations from being more secure and keep people from an exciting career. […] The post Webcast: Pentester Tactics, Techniques, and Procedures TTPs w/ Chris Traynor appeared first on Black Hills Information Security.

en-US

Webcast: Coercions and Relays – The First Cred is the...

Author Archives - Black Hills Information Security, Inc. ·

2022/10/25

The post Webcast: Coercions and Relays – The First Cred is the Deepest w/ Gabriel Prud’homme appeared first on Black Hills Information Security.

en-US

Webcast: Offensive Windows Event Logs w/ Tim Fowler

Author Archives - Black Hills Information Security, Inc. ·

2022/10/25

The post Webcast: Offensive Windows Event Logs w/ Tim Fowler appeared first on Black Hills Information Security.

en-US

Webcast: Demystifying Web3 Attack Vectors, w/ Beau...

Author Archives - Black Hills Information Security, Inc. ·

2022/10/25

The post Webcast: Demystifying Web3 Attack Vectors, w/ Beau Bullock and Steve Borosh appeared first on Black Hills Information Security.

en-US

473 results

Author Archives - Black Hills Information Security, Inc.

All Episodes

Similar Podcasts

Expres Ráno

Expres FM

PBS News Hour - Full Show

PBS News

CD Voice

China Daily

Israel Today: Ongoing War Report

Noa Levi

Jeffrey Epstein: The Coverup Chronicles

Bobby Capucci