❌

Normal view

Received today β€” 10 July 2026 ⏭ Black Hills Information Security, Inc.

Finding and Addressing Vulnerable and Outdated Web Application Components

Vulnerable and outdated software components are one of the most common issues encountered by BHIS during web application penetration tests. The vast majority of web applications use third-party components such as jQuery, Angular, Bootstrap, or countless other libraries.

The post Finding and Addressing Vulnerable and Outdated Web Application Components appeared first on Black Hills Information Security, Inc..

Insufficient Egress Filtering: How Weak Outbound Controls Enable Attacks

Insufficient egress filtering is a commonly identified vulnerability found during BHIS penetration tests. The insufficient egress filtering finding indicates that network traffic leaving the organization’s environment is not properly restricted.

The post Insufficient Egress Filtering: How Weak Outbound Controls Enable Attacks appeared first on Black Hills Information Security, Inc..

Received β€” 11 January 2026 ⏭ Black Hills Information Security, Inc.

Why You Got Hacked – 2025 Super Edition

By: BHIS
19 November 2025 at 18:50

This article was written to provide readers with an overview of a selection of our pentest results from the last 15 months. This data was gathered toward the end of September 2025. Shockingly, the data does not differ much from our prior analyses conducted at the end of 2022 or 2023.

The post Why You Got Hacked – 2025 Super Edition appeared first on Black Hills Information Security, Inc..

Hit the Ground Running with Prototype PollutionΒ Β 

Isaac Burton // For as long as we have known about prototype pollution vulnerabilities, there has been confusion on what they are and how they can be exploited. We’re going […]

The post Hit the Ground Running with Prototype PollutionΒ Β  appeared first on Black Hills Information Security, Inc..

Finding: Server Supports Weak Transport Layer Security (SSL/TLS)

David Fletcher// The following blog post is meant to expand upon the findings commonly identified in BHIS reports. Β The β€œServer Supports Weak Transport Layer Security (SSL/TLS)” is almost universal across […]

The post Finding: Server Supports Weak Transport Layer Security (SSL/TLS) appeared first on Black Hills Information Security, Inc..

Finding: Weak Password Policy

David Fletcher// The weak password policy finding is typically an indicator of one of two conditions during a test: A password could be easily guessed using standard authentication mechanisms. A […]

The post Finding: Weak Password Policy appeared first on Black Hills Information Security, Inc..

❌