On this webcast, we’ll guide you through an iterative process of building and deploying effective and practical Group Policy Objects (GPOs) that increase security posture. Slides for this webcast...

Ahead of his keynote at Black Hat USA, Citizen Lab director Ron Deibert spoke with TechCrunch reporter Lorenzo Franceschi-Bicchierai about what he describes as a “descent into a kind of fusion of...

Lawrence Hoffman // Last week a friend stopped by my desk with a worried look on his face. He knelt down and showed me the screen of his laptop where […] The post Hacking Like It’s 1999 appeared...

Joff Thyer // A network can authenticate a client workstation using the 802.1X and Extensible Authentication Protocol (EAP) using multiple different methods. EAP is used both in a wired network...

Jordan Drysdale // For the lazy server and system admins, automating those boring functions of updating packages, finding outdated ones, checking scans, et cetera, Ansible has some very nice...

Rick Wisser // All right, you’ve taken all the precautions related to your network. You have lockout controls in place, you use awesome password policies (20 characters with uppercase, lowercase,...

Ethan Robish // Here’s a short intro for anyone not familiar with ssh config files, which are usually located at ~/.ssh/config As an example, you have ssh running on port […] The post SSH Config...

Jordan Drysdale // Life as a ‘blue-teamer’ can often be a stressful experience. Working in an environment with a strong Linux infrastructure can help some, but Ansible can help […] The post...

John Strand // Lets take a look at how to use HoneyPorts on the new Active Defense Harbinger Distribution. For those of you who do not know, this is a […] The post Honeyports & ADHD!!! appeared...

David Fletcher & Sally Vandeven // We gave a presentation at the GrrCon hacker conference in Grand Rapids, MI on October 6, 2016. The presentation was a dialogue meant to illustrate the […] The...

Logan Lembke // Step One: Power. Step Two: Enter. Step Three: ???? Step Four: Profit. In the security industry, we love our encryption. However sometimes, the complexity introduced by encryption...

Kent Ickler // As a start to a series on Windows Administration in the eyes of a security-conscious “Windows Guy” I invite you on configuring AD DS PSOs (Password Security […] The post How to...

Carrie Roberts // A tool to generate password usage statics in a Windows domain based on hashes dumped from a domain controller. The Domain Password Audit Tool (DPAT) is a […] The post Domain...

A bit delayed but here is the webcast John did with Security Weekly and Endgame about Threat Hunting on 11/15/16. The post WEBCAST: Threat Hunting Using Open Source Software Bro Part 1 appeared...

Joff Thyer // It is no secret that PowerShell is increasingly being used as an offensive tool for attack purposes by both Red Teamers and Criminals alike. Thanks to […] The post PowerShell Logging...

Check out Carrie’s demo of her DPAT, and if you missed her blog, check that out here. The post WEBCAST: Demo of Domain Password Audit Tool appeared first on Black Hills Information Security, Inc..

Cody Smith* // As information security professionals we’re not invincible to breaches. Even the most robust security system can’t make up for a lack of user education, which I was […] The post My...

John Strand // So you think you might have a compromised Windows system. If you do, where do you start? How would you review the memory of that system? What […] The post WEBCAST: Live Forensics &...

John Strand // In the last webcast we covered initial Windows Live Forensics (see the recording here), in this one we play with memory from a compromised system. We cover the […] The post WEBCAST:...

John Strand // Want to get started on a hunt team and discover “bad things” on your network? In this webcast, we will walk through the installation and usage of […] The post WEBCAST: RITA appeared...

John Strand // In this webcast, we walk through different tools to establish and test your Command and Control (C2) detection capabilities. Why does this matter? Almost all organizations we […]...

Derek Banks & Joff Thyer // If you’re not currently logging and monitoring the Windows endpoints on the edge of your network you are missing valuable information that is not […] The post WEBCAST:...

Joff Thyer & Derek Banks // Editor’s Note: This is a more in-depth write-up based on the webcast which can be watched here. As penetration testers, we often find ourselves […] The post How To Do...

Jordan Drysdale & Kent Ickler // In this webcast, we demonstrate some standard methodologies utilized during an internal network review. We also discuss various tools used to test network defenses...

John Strand // In this webcast John covers how to set up Active Directory Active Defense (ADAD) using tools in Active Defense Harbinger Distribution (ADHD) and talks about potential active […] The...

Kent Ickler // You’ve heard us before talk about Bro, an IDS for network monitoring and analysis. We’ve had several installs of Bro over time here at BHIS. It’s about […] The post How to Monitor...

Kent Ickler // How to Configure Distributed Fail2Ban: Actionable Threat Feed Intelligence Fail2Ban is a system that monitors logs and triggers actions based on those logs. While actions can be […]...

Logan Lembke// Here at BHIS, we ♥ Bro IDS. Imagine… Bro IDS Everywhere! If you haven’t encountered Bro IDS before, checkout this webcast on John’s Youtube channel discussing the need for Bro […]...

This is the in-studio version of our live in DC event from July. In this webcast, John covers how to set up Active Directory Active Defense (ADAD) using tools in […] The post WEBCAST: Active...

Derek Banks, Beau Bullock, & Brian Fehrman // Our clients often ask how they could have detected and prevented the post-exploitation activities we used in their environment to gain elevated […]...