He walked into the lobby with a fake badge clipped to his shirt. He had bought it online the week before. It was not perfect, and it did not need to be. From a few feet away, it looked close enough: a logo, a name, a photo, and a lanyard. The kind of thing most people glance at for half a second before their brain decides, “Looks fine.”

The post The Art of the Badge: A Hard Truth About Physical Security appeared first on Black Hills Information Security, Inc..

This scenario simultaneously tests identity confirmation tooling (SSPR, MFA, Conditional Access), how users act under pressure, and the organization's ability to detect and follow-up on social engineering attacks.

The post Social Engineering and Microsoft SSPR: The Road to Pwnage is Paved with Good Intentions  appeared first on Black Hills Information Security, Inc..

Social engineering is the manipulation of individuals into divulging confidential information, granting unauthorized access, or performing actions that benefit the attacker, all without the victim realizing they are being tricked.

The post How to Design and Execute Effective Social Engineering Attacks by Phone appeared first on Black Hills Information Security, Inc..

GoPhish provides a nice platform for creating and running phishing campaigns. This blog will guide you through installing GoPhish and creating a campaign. 

The post Gone Phishing: Installing GoPhish and Creating a Campaign appeared first on Black Hills Information Security, Inc..

This webcast was originally published on November 8, 2024. In this video, Hayden Covington discusses the detection engineering process and how to apply the scientific method to improve the quality […]

The post The Detection Engineering Process appeared first on Black Hills Information Security, Inc..

In this video, Michael Allen discusses adversary-in-the-middle post-exploitation techniques and processes.

The post Adversary in the Middle (AitM): Post-Exploitation appeared first on Black Hills Information Security, Inc..

Changes to the msds-KeyCredentialLink attribute are not audited/logged with standard audit configurations. This required serious investigations and a partner firm in infosec provided us the answer: TrustedSec.  So, credit where […]

The post Enable Auditing of Changes to msDS-KeyCredentialLink  appeared first on Black Hills Information Security, Inc..

This article was originally published in the second edition of the InfoSec Survival Guide. Find it free online HERE or order your $1 physical copy on the Spearphish General Store. […]

The post How to Perform and Combat Social Engineering appeared first on Black Hills Information Security, Inc..

This article originally featured in the very first issue of our PROMPT# zine — Choose Wisely. You can find that issue (and all the others) here: https://www.blackhillsinfosec.com/prompt-zine/ I remember a […]

The post Red Teaming: A Story From the Trenches appeared first on Black Hills Information Security, Inc..

Human Trust  Most people associated with information technology roles understand the application of technical controls like the use of firewalls, encryption, and security products for defenses against digital threats. Proper […]

The post The Human Element in Cybersecurity: Understanding Trust and Social Engineering  appeared first on Black Hills Information Security, Inc..

I previously blogged about spoofing Microsoft 365 using the direct send feature enabled by default when creating a business 365 Exchange Online instance (https://www.blackhillsinfosec.com/spoofing-microsoft-365-like-its-1995/). Using the direct send feature, it […]

The post Spamming Microsoft 365 Like It’s 1995  appeared first on Black Hills Information Security, Inc..

rvrsh3ll //  Introduction  This blog post is intended to give a light overview of device codes, access tokens, and refresh tokens. Here, I focus on the technical how-to for standing […]

The post Dynamic Device Code Phishing  appeared first on Black Hills Information Security, Inc..

Every Android application has a “manifest.xml” file located in the root directory of the APK. (Remember APKs are just zip files.) The manifest file is like a guide to the application.

The post Field Guide to the Android Manifest File appeared first on Black Hills Information Security, Inc..

Hannah Cartier // Social engineering, especially phishing, is becoming increasingly prevalent in red team engagements as well as real-world attacks. As security awareness improves and systems become more locked down, […]

The post Phishing Made Easy(ish) appeared first on Black Hills Information Security, Inc..

Jordan Drysdale // Summary! There are tons of security event management (SIEM) solutions available these days, but this blog will focus on Microsoft Sentinel. Sentinel is easy to deploy, logs […]

The post Geopolitical Cyber-Detection Lures for Attribution with Microsoft Sentinel  appeared first on Black Hills Information Security, Inc..

Raymond Felch // Preface: I began my exploration of reverse-engineering firmware a few weeks back (see “JTAG – Micro-Controller Debugging“), and although I made considerable progress finding and identifying the […]

The post How to Hack Hardware using UART appeared first on Black Hills Information Security, Inc..

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester […]

The post Podcast: Weaponizing Corporate Intel. This Time, It’s Personal! appeared first on Black Hills Information Security, Inc..

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester […]

The post Webcast: Weaponizing Corporate Intel. This Time, It’s Personal! appeared first on Black Hills Information Security, Inc..

Kelsey Bellew//* It’s an occupational hazard to see vulnerabilities everywhere. When I see a router sitting in plain sight I think, “The default creds are probably printed on the back; […]

The post Social Engineering in Japan appeared first on Black Hills Information Security, Inc..

Lee Kagan* // Expanding upon the previous post in this series, I decided to rewrite C2K (find it here) to change its behavior and options for the user. In this […]

The post How to Build a Command & Control Infrastructure with Digital Ocean: C2K Revamped appeared first on Black Hills Information Security, Inc..