10 episodes

Helping you navigate the treacherous terrain of InfoSec. Black Hills Information Security specializes in penetration testing, red teaming, and threat hunting.

Black Hills Information Security Black Hills Information Security

    • Tech News

Helping you navigate the treacherous terrain of InfoSec. Black Hills Information Security specializes in penetration testing, red teaming, and threat hunting.

    Webcast: Introducing Competitive Backdoors & Breaches and More!

    Webcast: Introducing Competitive Backdoors & Breaches and More!

    Backdoors & Breaches kind of took off.







    In case you don’t know, Backdoors & Breaches is an Incident Response Card Game to help people better understand the various attacks and defenses used in security today.







    We have sold out twice on Amazon, given out thousands of copies for free at conferences, and sent 2,000+ free decks to infosec educators (with a few thousand more decks to go).







    As a standalone game, with an Incident Master driving the narrative, it works really well.







    However, we have something else that we have been working on… Competitive Backdoors & Breaches.







    Yes, you can play this game against your co-workers. It just takes at least two decks.







    In this live webcast, we will be covering: advice for being an Incident Master; playing the regular game with remote teammates; answering many of your questions about gameplay; and introducing the rules on how to play this game competitively against another player.







    Download slides: https://www.activecountermeasures.com/presentations







    4:38 – Ok, But Why?







    5:55 – State of Play







    9:27 – Initial Compromise Card







    10:31 – Persistence Card







    11:53 – C2 and EXFIL Card







    14:01 – Pivot and Escalate Card







    14:36 – Procedures Card







    16:27 – State of Play







    17:51 – Initial Setup







    20:13 – Resource Points (RP)







    25:41 – Building the Kill Chain







    a href="https://www.youtube.com/watch?v=DriVsih8Hsc&t=1700s" target="_blank" rel="noreferrer noopener" aria-label=" (opens ...

    • 1 hr 3 min
    Webcast: Getting Started in Cyber Deception

    Webcast: Getting Started in Cyber Deception

    Ever wanted to get started in cyber deception? Ever wanted to do it for free?







    In this BHIS webcast, we will cover some basic, legal, and easy tools/techniques to get you started in working with low interaction honeypots to serve as an early warning of attacks.







    We will also be sharing a recipe for making wine out of pentester tears. Because attacker tears make the best wine.







    Download slides: https://www.activecountermeasures.com/presentations/







    1:00 – A Few Cool Things







    6:00 – Beginnings of Cyber Deception







    9:08 – Conversations







    16:34 – Canarytokens







    18:42 – Scenario: Recon







    23:02 – .exe







    36:13 – Cloned Websites!







    39:07 – Word Docs!!!







    47:41 – One Step Forward







    51:58 – Honeybadger Update







    53:56 – Back To Threat Intel; How BHIS Uses It







    56:03 – Questions







    This webcast was originally recorded live on January 23, 2020 with John Strand.















    Wild West Hackin’ Fest – Most Hands-On Infosec Con!

    • 59 min
    Podcast: Passwords: You Are the Weakest Link

    Podcast: Passwords: You Are the Weakest Link

    https://media.blubrry.com/bhis/content.blubrry.com/bhis/BHIS_Podcast_Passwords_Youaretheweakestlink.mp3









    Why are companies still recommending an 8-character password minimum? 







    Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend 8-character minimum passwords based on outdated data. 







    Download Slides: https://www.activecountermeasures.com/presentations







    Originally recorded as a live webcast on December 5th, 2019







    Presented by: Darin Roberts & CJ Cox







    Because of newer attack methods and increased computing power, password minimums need to be increased to 15 characters to keep networks safe. 







    On this BHIS Webcast, Darin & CJ discuss:







    * Current password policies: BHIS recommendations, Microsoft, Google, Apple, NIST * Why do we recommend 15 characters – brute force, password crack, LM Hash * Passphrase vs. password * Recommended password policy summary















    Wild West Hackin’ Fest – Most Hands-On Infosec Con!















    Join us at the new Way West Wild West Hackin’ Fest in San Diego — March 11-13th, 2020. Learn more: https://www.wildwesthackinfest.com/















    Join the BHIS Blog Mailing List – get notified when we post new blogs, webcasts, and podcasts.









    Join 1,973 other subscribers





    Email Address



















    Subscribe

    • 1 hr
    Webcast: Sacred Cash Cow Tipping 2020

    Webcast: Sacred Cash Cow Tipping 2020

    Want to learn how attackers bypass endpoint products?







    Download slides: https://www.activecountermeasures.com/presentations/







    3:41 – Alternate Interpreters







    9:19 – Carbon Black Config Issue







    15:07 – Cisco AMP EDR – Quick and Easy Bypass







    18:24 – PowerShell AMSI Bypass – Rhino







    19:07 – CylancePROTECT Bypass







    24:14 – Windows Defender and Carbon Black Bypass







    30:36 – Windows Subsystem for Linux







    39:59 – PowerShell HTTP Web Cradle for Downloads







    Last year we came to the conclusion that we are going to keep going with the Sacred Cash Cow Tipping Webcast series. Why? Because many in the industry still believe that security is something that can be achieved through the purchase of a single product.







    To that end, we feel there is still a need to deconstruct certain parts of security (like AV) and show that there are always structural weaknesses in every security product that is implemented.







    This is becoming even more important now that many of the advanced endpoint products are not just fire-and-forget but have an endless array of different configurations that enable a company to shoot themselves in the foot by reducing the overall effectiveness of these products.







    So, yes, Sacred Cash Cow Tipping is more important than ever.







    To that end, our next webcast will be on bypassing endpoint security products. The goal of this webcast is to help show people that there is still no silver bullet in security. We also desperately want to show that configuration and monitoring still matters.







    This is our first webcast of the year. It may run longer than 60 minutes. It will be recorded. We will have a team of Black Hills Testers answering questions throughout the webcast. We have room for 3,000 attendees, so you will be able to attend live if you want.















    Wild West Hackin’ Fest – Most Hands-On Infosec Con!















    Join us at the new Way West Wild West Hackin’ Fest in San Diego — March 11-13th, 2020. Learn more: https://www.

    • 1 hr
    Webcast: Let’s Talk About ELK Baby, Let’s Talk About You and AD

    Webcast: Let’s Talk About ELK Baby, Let’s Talk About You and AD

    BHIS’ Defensery Driven Duo Delivers Another Delectable Transmission!







    We know you are worried about your networks. After hours of discussion, we’ve come to the realization that some of our dedicated followers seem to be much more interested in catching malware than learning how to be (please forgive this next statement) “l33t hax0rs.”







    Download slides: https://www.activecountermeasures.com/presentations/







    2:47 – Why Are We Doing This?







    5:07 – AT7: The Logs You Are Looking For







    7:41 – AD Best Practices to Frustrate Attackers







    9:37 – AT 5 – Complete Takedown & AT 6 – IOCs







    12:04 – Blue Team-A-Palooza







    14:22 – Windows Logging, Sysmon, and ELK – Part 1







    16:45 – Implementing Sysmon and Applocker







    21:45 – …And Group Policies That Kill Kill-Chains







    22:31 – Here Are Some Important Blogs







    23:35 – Summary Complete







    25:28 – Introducing the Atomic Red Team







    27:50 – Installing the Atomic Framework







    29:29 – Squibbly Doo; The Results; Let’s Take A Step Back: The Atomic Tests; Another Step Back: WEF / Winlogbeat Config







    33:41 – Executing T1015; Catching Executables; Executin...

    • 58 min
    Webcast: Passwords: You Are the Weakest Link

    Webcast: Passwords: You Are the Weakest Link

    Why are companies still recommending an 8-character password minimum? 







    Passwords are some of the easiest targets for attackers, yet companies still allow weak passwords in their environment. Multiple service providers recommend 8-character minimum passwords based on outdated data. 







    Download Slides: https://www.activecountermeasures.com/presentations







    3:26 – In The Beginning







    4:23 – What The Experts Say: PCI







    5:55 – What The Experts Say: Microsoft







    9:29 – What The Experts Say: NIST







    16:01 – What The Experts Say: Google







    16:28 – What The Experts Say: Apple







    16:42 – Still More Experts







    17:49 – Why 15 Characters







    18:06 – Brute Force, Password Spray







    22:48 – Password Cracking







    23:25 – A Hashing Algorithm, More About Hashes







    25:49 – So What Is Password Cracking







    27:16 – Windows Hashes, The LM Hashing Algorithm, “LM Hash Is “”Weak””, LM Vs. NTLM Cracking







    31:14 – Why 15 Character Passwords – Answer, CJ’s Response to the Problem







    a href="https://www.youtube.com/watch?

    • 1 hr

Top Podcasts In Tech News

Listeners Also Subscribed To