Kent Ickler & Jordan Drysdale // BHIS Webcast and Podcast This post accompanies BHISβs webcastΒ recorded on August 7, 2018,Β Active Directory Best Practices to Frustrate Attackers, which you can view below. [β¦]
The post Active Directory Best Practices to Frustrate Attackers: Webcast & Write-up appeared first on Black Hills Information Security, Inc..
Jordan Drysdale//* In this blog, we are assuming that we have obtained an access key, a secret key and maybe a .pem key from a network user who left these [β¦]
The post AWS: Assuming Access Key Compromise appeared first on Black Hills Information Security, Inc..
Jordan Drysdale// Full disclosure and tl;dr: The NCC Group has developed an amazing toolkit for analyzing your AWS infrastructure against Amazonβs best practices guidelines. Start here: https://github.com/nccgroup/Scout2 Then, access your [β¦]
The post Scout2 Usage: AWS Infrastructure Security Best Practices appeared first on Black Hills Information Security, Inc..
Brian Fehrman // In a previous post, titled PowerShell without PowerShell, we showed you how you can bypass Application Whitelisting Software (AWS), PowerShell restrictions/monitoring, and Command Prompt restrictions. In some [β¦]
The post PowerShell w/o PowerShell Simplified appeared first on Black Hills Information Security, Inc..
Lawrence Hoffman // Hey, Iβm back! Vacation was great. I spent part of last week on an Island so I was unable to scratch the keep-up-with-the-media itch. Now that Iβm [β¦]
The post Lawrenceβs List 071516 appeared first on Black Hills Information Security, Inc..
Login
