10 episodes

Helping you navigate the treacherous terrain of InfoSec. Black Hills Information Security specializes in penetration testing, red teaming, and threat hunting.

Black Hills Information Security Black Hills Information Security

    • News

Helping you navigate the treacherous terrain of InfoSec. Black Hills Information Security specializes in penetration testing, red teaming, and threat hunting.

    Talkin’ About Infosec News – 10/13/2021

    Talkin’ About Infosec News – 10/13/2021

    ORIGINALLY AIRED ON OCTOBER 4, 2021







    Articles discussed in this episode:







    00:57 – Story # 1: Facebook is Burning







    22:09 – Story # 2: https://www.bleepingcomputer.com/news/security/voipms-phone-services-disrupted-by-ddos-extortion-attack/







    25:38 – Story # 3: https://krebsonsecurity.com/2021/10/fcc-proposal-targets-sim-swapping-port-out-fraud/







    33:02 – Story # 4: https://cyberworkx.in/2021/10/03/hackers-spreading-malware-by-misusing-trust-of-amnesty-international/







    36:55 – Story # 5: https://threatpost.com/finspy-surveillance-kit/175068/







    39:04 – Story # 6: https://thehackernews.com/2021/10/a-new-apt-hacking-group-targeting-fuel.html































    https://www.blackhillsinfosec.com/services/cyber-range/

    • 42 min
    Talkin’ About Infosec News – 9/29/2021

    Talkin’ About Infosec News – 9/29/2021

    ORIGINALLY AIRED ON SEPTEMBER 27, 2021







    Articles discussed in this episode:







    01:20 – Story # 1: https://habr.com/en/post/579714/







    02:14 – Story # 1b: https://therecord.media/researcher-discloses-iphone-lock-screen-bypass-on-ios-15-launch-day/







    02:54 – Story # 1c: https://www.bleepingcomputer.com/news/apple/new-macos-zero-day-bug-lets-attackers-run-commands-remotely/







    04:03 – Story #1d: https://habr.com/en/post/580272/







    09:42 – A Wild Noah Has Joined the Chat







    13:24 – The Wildest, Grayson & Tenille, Have Joined the Chat







    13:45 – A Wild Jeff Has Joined the Chat







    14:45 – Story #2: https://www.bbc.com/news/technology-58678907







    22:03 – Story #3: https://arstechnica.com/information-technology/2021/09/ransomware-victims-panicked-while-fbi-secretly-held-revil-decryption-key/







    29:47 – Story #4: https://thehackernews.com/2021/09/new-nagios-software-bugs-could-let.html







    34:34 – Story #5: https://thehackernews.com/2021/09/a-new-bug-in-microsoft-windows-could.html







    37:15 – Story #5b: https://github.com/Jamesits/dropWPBT







    42:29 – Story #5c: https://github.com/chipsec/chipsec







































    Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment.







    https://www.blackhillsinfosec.com/services/cyber-range/























    Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts.













    Join 3,834 other subscribers







    Email Address

    • 52 min
    Webcast: Shellcode Execution with GoLang

    Webcast: Shellcode Execution with GoLang

    In this Black Hills Information Security (BHIS) webcast, we explore using GoLang to author malware with embedded shellcode.







    GoLang is a Google-authored modern successor language to C/C++. It is multi-platform, high performance, multi-threaded, and unlike C/C++ includes garbage collection! It has the advantage of compiling to native machine code, unlike .NET C# which is dependent on the common language runtime, and easily reversible. We explore how to execute Windows shellcode with GoLang in the same process thread space, and then also explore one process injection method.







    If you are a penetration tester looking to expand your malware authoring skills, a little Go(lang) will take you far!







    Recorded • 2021-05-20







    Join the BHIS Community Discord: https://discord.gg/bhis







    00:00 – FEATURE PRESENTATION BEGINS: Shellcode Execution with GoLang







    01:39 – Meet Joff Thyer







    02:16 – What is GoLang?







    04:14 – Aspects of GoLang







    07:43 – C# or Go?







    09:24 – Go Command Line







    10:57 – Golang Type Safety







    11:31 – What is Shellcode?







    12:51 – Sources of Shellcode







    14:50 – Executing Shellcode on Windows







    16:08 – GoLang “unsafe” Package







    16:55 – Go “syscall” package is becoming per platform







    17:50 – GoLang “windows” Package







    18:22 – “x/sys/windows” package







    20:29 – Looking deeper into Syscall







    22:26 – Calling Functions out of Kernel32.dll

    • 1 hr 3 min
    Talkin’ About Infosec News – 9/23/2021

    Talkin’ About Infosec News – 9/23/2021

    ORIGINALLY AIRED ON SEPTEMBER 20, 2021







    Articles discussed in this episode:







    00:55 – Story # 1: https://techcrunch.com/2021/09/13/apple-zero-day-nso-pegasus/







    19:45 – Story # 2: https://www.tomshardware.com/news/researchers-find-windows-subsystem-linux-malware







    27:45 – Story # 3: https://www.wsj.com/articles/u-s-to-target-crypto-ransomware-payments-with-sanctions-11631885336







    41:19 – Story # 4: https://apnews.com/article/technology-business-pakistan-seattle-washington-c6122e936e0fcc7c077becdd2559886b







    46:55 – Story # 5: https://therecord.media/us-fines-former-nsa-employees-who-provided-hacker-for-hire-services-to-uae/







    Join the BHIS Community Discord: https://discord.gg/bhis































    https://www.blackhillsinfosec.com/services/cyber-range/

    • 53 min
    Webcast: The Quest for the Kill Chain Killer Continues

    Webcast: The Quest for the Kill Chain Killer Continues

    Jordan and Kent have heard from a lot of people that the past Black Hills Information Security (BHIS) webcasts: “Group Policies That Kill Kill Chains” and “Active Directory Best Practices to Frustrate Attackers” have changed their business models for the better.







    And since they’ve been offered the BHIS soapbox again, they thought it was time to update this material and combine it.







    Security can sometimes move slow and other times blazingly fast. They’ll discuss what they’ve seen in the past year and how it impacts their view on baseline defensive configurations you shouldn’t be operating without.







    At the end of the day, we are in this game to make things difficult for attackers, adversaries, and red teamers. We want to reduce mean time to detection. And we really want to help you make your networks and domains more secure.







    So… why not update our favorite webcasts with everything we’ve learned since giving them?







    Join the BLACK HILLS INFOSEC Discord Server — https://discord.gg/bhis







    The Kill Chains Material: https://www.blackhillsinfosec.com/webcast-group-policies-that-kill-kill-chains/







    How to Frustrate Attackers Material: https://www.blackhillsinfosec.com/webcast-group-policies-that-kill-kill-chains/







    Recorded•2021-05-13







    00:00 – FEATURE PRESENTATION BEGINS – The Quest for the Kill Chain Killer Continues







    02:15 – What Changed in the Last Year?







    06:31 – The Kill Chain







    07:47 – Active Directory Best Practices to Frustrate Attackers







    09:22 – Pre-Reqs







    13:31 – Active Directory







    a href="https://www.

    • 1 hr 2 min
    Talkin’ About Infosec News – 9/17/2021

    Talkin’ About Infosec News – 9/17/2021

    ORIGINALLY AIRED ON SEPTEMBER 13, 2021







    Articles discussed in this episode:







    00:00 – BHIS – Talkin’ Bout [infosec] News 2021-09-13







    02:59 – Story # 1: https://cyberworkx.in/2021/08/31/authentication-bypass-vulnerability-in-exchange-server/







    04:43 – Story # 1b: https://techcommunity.microsoft.com/t5/exchange-team-blog/how-to-update-ad-schema-to-address-cve-2021-34470-if-exchange-is/ba-p/2617083







    07:22 – Story # 2: https://cyberworkx.in/2021/09/08/microsoft-warns-of-new-zeroday-vulnerability-hunting-down-windows-users/







    13:16 – Story # 3: https://therecord.media/ghostscript-zero-day-allows-full-server-compromises/







    17:28 – Story # 3b: https://xkcd.com/2347/







    22:03 – Story # 4: https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/







    30:15 – Story # 5: https://venturebeat.com/2021/09/11/8-orgs-with-web-apps-for-file-uploads-have-adequate-cybersecurity/







    33:21 – Story # 5b: https://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags/1732454#1732454







    34:15 – Story # 6: https://www.bleepingcomputer.com/news/security/hackers-leak-passwords-for-500-000-fortinet-vpn-accounts/







    39:32 – Story # 7: https://www.bleepingcomputer.com/news/security/revil-ransomwares-servers-mysteriously-come-back-online/







































    Check out our Cyber Range, not just a place to work through challenges and play, but also an open direct/hands-on training environment.







    https://www.blackhillsinfosec.com/services/cyber-range/

    • 45 min

Top Podcasts In News

You Might Also Like