Jordan Drysdale // tl;dr BHIS made some interesting discoveries while working with a customer to audit their Amazon Web Services (AWS) infrastructure. At the time of the discovery, we found [β¦]
The post Securing the Cloud: A Story of Research, Discovery, and Disclosure appeared first on Black Hills Information Security, Inc..
Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, βWhy do these endpoint security bypass techniques still work? Why?β The goal of this is to [β¦]
The post PODCAST: Sacred Cash Cow Tipping 2019 appeared first on Black Hills Information Security, Inc..
John Strand // Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, βWhy do these endpoint security bypass techniques still work? Why?β The goal of [β¦]
The post Webcast: Sacred Cash Cow Tipping 2019 appeared first on Black Hills Information Security, Inc..
Jordan Drysdale// tl;dr Both Cisco and Nessus have escalated the Smart Install Client Service feature/vulnerability. Nessus is now reporting the Smart Install RCE as critical. High five!!! Cisco has also [β¦]
The post Cisco Smart Install Escalation and Update! appeared first on Black Hills Information Security, Inc..
Jordan Drysdale // tl;dr Cisco Smart Install is awesome (on by default)β¦for hackersβ¦ not sysadmins. So, you Nessus too? Criticals and highs are all that matter! Right??? Until this beauty [β¦]
The post Cisco Smart Installs and Why Theyβre Not βInformationalβ appeared first on Black Hills Information Security, Inc..
Dakota Nelson// For a lot of our customers, their first introduction to pentesting is a vulnerability scan from BHIS. This is after talking to the testers, of course, and setting [β¦]
The post What to Expect from a Vulnerability Scan appeared first on Black Hills Information Security, Inc..
Jordan Drysdale// Some days are not like others. Some days, you might get tasked with scanning a million IP addresses. Hereβs how I did it: Letβs go through some finer [β¦]
The post How to Scan Millions of IPv4 Addresses for Vulnerabilities appeared first on Black Hills Information Security, Inc..
Jordan Drysdale // Sacred Cash Cow Tipping Webcast 2018 follow-up The great Kaspersky Internet Security 2017 antivirus product lived up to and met all of my expectations in testing, so [β¦]
The post Treating Antivirus as βThe Gold Standardβ appeared first on Black Hills Information Security, Inc..
Jordan Drysdale // tl;dr uBlock Origin appears, based on non-scientific testing, to be fairly effective at keeping trackers from making outbound HTTP GET requests. Tested Extensions: No Add-ons v Ghostery [β¦]
The post Analyzing Extension Effectiveness with Burp appeared first on Black Hills Information Security, Inc..
Joff Thyer // If you have been penetration testing a while, you likely have ended up in a Red Team situation or will be engaged in it soon enough. From [β¦]
The post A Morning with Cobalt Strike & Symantec appeared first on Black Hills Information Security, Inc..
Kent Ickler // What is Cacti? Cacti is a network system that inputs system-generated quantifiable data and presents the data in spiffy graphs. Net-Admin In the Net-Admin world, it gives [β¦]
The post How to Install Cacti 1.1.10 on Ubuntu 16.04 appeared first on Black Hills Information Security, Inc..
John Strand// We just finished up a walk through of how we bypassed Cylance in a previous engagement. To conclude this exciting week, I want to share a few comments [β¦]
The post Bypassing Cylance: Part 5 β Looking Forward appeared first on Black Hills Information Security, Inc..
David Fletcher // The following techniques serve to illustrate methods for obtaining C2 communication in a particular Cylance protected environment. Β The configuration of the centralized infrastructure and the endpoint agents [β¦]
The post Bypassing Cylance: Part 4 β Metasploit Meterpreter & PowerShell Empire Agent appeared first on Black Hills Information Security, Inc..
David Fletcher // The following techniques serve to illustrate methods for obtaining C2 communication in a particular Cylance protected environment. Β The configuration of the centralized infrastructure and the endpoint agents [β¦]
The post Bypassing Cylance: Part 3 β Netcat & Nishang ICMP C2 Channel appeared first on Black Hills Information Security, Inc..
David Fletcher // The following techniques serve to illustrate methods for obtaining C2 communication in a particular Cylance protected environment.Β The configuration of the centralized infrastructure and the endpoint agents [β¦]
The post Bypassing Cylance: Part 2 β Using DNSCat2 appeared first on Black Hills Information Security, Inc..
David Fletcher // Recently, we had the opportunity to test a production Cylance environment. Obviously, each environment is going to be different and the efficacy of security controls relies largely [β¦]
The post Bypassing Cylance: Part 1 β Using VSAgent.exe appeared first on Black Hills Information Security, Inc..
Carrie Roberts // * Would you like to run Mimikatz without Anti-Virus (AV) detecting it? Recently I attempted running the PowerShell script βInvoke-Mimikatzβ from PowerSploitΒ on my machine but it was [β¦]
The post How to Bypass Anti-Virus to Run Mimikatz appeared first on Black Hills Information Security, Inc..
Kali Regenold // My time here at Black Hills Information Security has been short so far, but I believe itβs been the most important four months of my computer science [β¦]
The post Many Thanks to BHIS appeared first on Black Hills Information Security, Inc..
Brian FehrmanΒ (With shout outs to:Β Kelsey Bellew, Beau Bullock)Β // In a previous blog post, we talked about bypassing AV and Application Whitelisting by using a method developed by Casey Smith. In [β¦]
The post Powershell Without Powershell β How To Bypass Application Whitelisting, Environment Restrictions & AV appeared first on Black Hills Information Security, Inc..
Rick Wisser // I have been asked by some friends, (not very Linux proficient friends) to share this. I thought I would create a blog post and share with all. [β¦]
The post Itβs Always Nice to Have Cron-ies! appeared first on Black Hills Information Security, Inc..
Login