In Part 2, we’re diving headfirst into one of the most critical attack surfaces in the LLM ecosystem - Prompt Injection: The AI version of talking your way past the bouncer.

The post Getting Started with AI Hacking Part 2: Prompt Injection appeared first on Black Hills Information Security, Inc..

Many people have heard of ChatGPT, Gemini, Bart, Claude, Llama, or other artificial intelligence (AI) assistants at this point. These are all implementations of what are known as large language […]

The post Pitting AI Against AI: Using PyRIT to Assess Large Language Models (LLMs)  appeared first on Black Hills Information Security, Inc..

This blog will be referencing the ICS/OT Backdoors & Breaches expansion deck created by BHIS and Dragos. We will be reviewing the ICS-focused Initial Compromise cards that are used to simulate a cyber incident and suggest potential mitigations to what is presented.

The post ICS Hard Knocks: Mitigations to Scenarios Found in ICS/OT Backdoors & Breaches appeared first on Black Hills Information Security, Inc..

by Austin Kaiser // Intern Hacking a satellite is not a new thing. Satellites have been around since 1957. The first satellite launched was called Sputnik 1 and was launched […]

The post Satellite Hacking appeared first on Black Hills Information Security, Inc..

Quick Jump: In the constantly evolving landscape of cybersecurity, it is common to see features designed for convenience lead to negative cybersecurity consequences. Microsoft Teams, an essential tool for corporate […]

The post Wishing: Webhook Phishing in Teams appeared first on Black Hills Information Security, Inc..

Raymond Felch // Preface: I began my exploration of reverse-engineering firmware a few weeks back (see “JTAG – Micro-Controller Debugging“), and although I made considerable progress finding and identifying the […]

The post How to Hack Hardware using UART appeared first on Black Hills Information Security, Inc..

Dear BHIS, So I’m a big fan of you guys! I took John’s SANS504 OnDemand class and I saw the light. Now what? I want to get into security, (maybe […]

The post How to Get into Information Security appeared first on Black Hills Information Security, Inc..

Beau Bullock // Overview Microsoft Exchange users have the power to grant other users various levels of access to their mailbox folders. For example, a user can grant other users […]

The post Abusing Exchange Mailbox Permissions with MailSniper appeared first on Black Hills Information Security, Inc..

Here’s our webcast with Beau Bullock, Brian Fehrman & Carrie Roberts from Tuesday, November 29.

The post WEBCAST: Exchange and OWA attacks – Step by Step appeared first on Black Hills Information Security, Inc..

Original by Bob Covello, CISSP / Modified with permission by BHIS // Note: This glossary was started to answer questions related to information security. It will be updated as required. […]

The post Information Security Glossary – v2 appeared first on Black Hills Information Security, Inc..