❌

Reading view

Your Browser is Not a Safe Space

Corey Ham // Tl;drΒ Β  Use a password manager instead of browser storage for passwords, credit card numbers, and other autofill items. Β  Personal security: Do not save anything sensitive in […]

The post Your Browser is Not a Safe Space appeared first on Black Hills Information Security, Inc..

  •  

Avoiding Memory Scanners

Kyle Avery // Introduction This post compliments a presentation I gave at DEF CON 30 – β€œAvoiding Memory Scanners: Customizing Malware to Evade YARA, PE-sieve, and More,” which included the […]

The post Avoiding Memory Scanners appeared first on Black Hills Information Security, Inc..

  •  

Getting Started With Sysmon

John Strand // In this blog, I want to walk through how we can set up Sysmon to easily get improved logging over what we get from normal (and just […]

The post Getting Started With Sysmon appeared first on Black Hills Information Security, Inc..

  •  

Webcast: Implementing Sysmon and Applocker

Click on the timecodes to jump to that part of the video (on YouTube) Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_ImplementingSysmonAppLocker.pdf 5:03 Introduction, problem statement, and executive problem […]

The post Webcast: Implementing Sysmon and Applocker appeared first on Black Hills Information Security, Inc..

  •  

WEBCAST: Creating and Keeping a Malware Zoo

John Strand// Join John as he covers what he and the BHIS Systems team have been working on lately – creating a C2/Implant/Malware test bed. Testing our C2/malware solutions is […]

The post WEBCAST: Creating and Keeping a Malware Zoo appeared first on Black Hills Information Security, Inc..

  •  

Deploy REMnux to the Cloud, Reverse Engineering Malware in the Cloud

Carrie Roberts //* REMnuxΒ is a free virtual machine image with Reverse Engineering Malware tools preinstalled.Β REMnux is maintained byΒ Lenny ZeltserΒ with extensive help fromΒ David Westcott and is available from https://remnux.org. I have […]

The post Deploy REMnux to the Cloud, Reverse Engineering Malware in the Cloud appeared first on Black Hills Information Security, Inc..

  •  

Hide Payload in MS Office Document Properties

Carrie Roberts* // Can you think of a reason why you might want to put a lengthy comment into the properties of an MS Office document? If you can, then […]

The post Hide Payload in MS Office Document Properties appeared first on Black Hills Information Security, Inc..

  •  

How To: Empire’s Cross Platform Office Macro

David Fletcher // During our testing, we encounter organizations of various different sizes, shapes, and composition. Β One that we’ve run across a number of times includes a fairly even mixture […]

The post How To: Empire’s Cross Platform Office Macro appeared first on Black Hills Information Security, Inc..

  •  
❌