Recently in the SOC, we were notified by a partner that they had a potential business email compromise, or BEC. We commonly catch these by identifying suspicious email forwarding rules, [β¦]
The post Monitoring High Risk Azure LoginsΒ appeared first on Black Hills Information Security, Inc..
By Beau Bullock & Steve Borosh TL;DR We built a post-compromise toolset called GraphRunner for interacting with the Microsoft Graph API. It provides various tools for performing reconnaissance, persistence, and [β¦]
The post Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365 appeared first on Black Hills Information Security, Inc..
Jordan DrysdaleΒ // Overview The following description of some of Impacketβs tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the code. [β¦]
The post Impacket Defense Basics With an Azure LabΒ appeared first on Black Hills Information Security, Inc..
Jordan Drysdale & Kent Ickler // tl;dr Ubuntu base OS, install AZCLI, unpack terraform, gather auth tokens, run script, enjoy new domain.Β https://github.com/DefensiveOrigins/APT-Lab-Terraform For those of you who have been [β¦]
The post How To: Applied Purple Teaming Lab Build on Azure with Terraform (Windows DC, Member, and HELK!) appeared first on Black Hills Information Security, Inc..
For this webcast we cover a couple of different topics. First, we talk about how to password spray in a non-attributable sort of way. Beau found a way to obfuscate [β¦]
The post WEBCAST: RDP Logging Bypass and Azure Active Directory Recon appeared first on Black Hills Information Security, Inc..
Mike Felch // With so many Microsoft technologies, services, integrations, applications, and configurations it can create a great deal of difficulty just to manage everything. Now imagine trying to secure [β¦]
The post Red Teaming Microsoft: Part 1 β Active Directory Leaks via Azure appeared first on Black Hills Information Security, Inc..
Editorβs Note: This is another awesomeΒ guest post from our friend, Robert Schwass. If youβd like to guest post contact us here. Robert Schwass // I had heard the rumors about [β¦]
The post Time To Bash on Windows (Bourne Again Shell That Is) appeared first on Black Hills Information Security, Inc..
Login