❌

Reading view

Network Engineering Basics

The computer networking field is broad, encompassing many focus areas similar to cybersecurity. If you’re new to the field or just interested in networking, knowing where to start can be challenging. Searching for a network engineer position on any job listing site will yield thousands of results, and no two job descriptions will be the same.

The post Network Engineering Basics appeared first on Black Hills Information Security, Inc..

  •  

Signed, Trusted, and Abused: Proxy Execution via WebView2

Proxy execution via WebView2 banner

An offensive security perspective on Microsoft Edge WebView2 Runtime, including architectural weaknesses, existing vulnerabilities, and exploitation methods.

The post Signed, Trusted, and Abused: Proxy Execution via WebView2 appeared first on Black Hills Information Security, Inc..

  •  

Getting Started In Pentesting – Advice From The BHIS Pentest Lead

Getting Started in Pentesting

Advice about getting started in pentesting from the BHIS pentest lead, including a learning path and why you should go all in on offensive security skills.

The post Getting Started In Pentesting – Advice From The BHIS Pentest Lead appeared first on Black Hills Information Security, Inc..

  •  

Understanding GRC: How to Navigate Risks and Compliance Standards

β€œGRC” isn’t all witchcraft and administrative nonsense β€” it’s the core that drives security initiatives, connects security spend to business outcomes, and powers a well-functioning security team.

The post Understanding GRC: How to Navigate Risks and Compliance Standards appeared first on Black Hills Information Security, Inc..

  •  

Malware Analysis: How to Analyze and Understand Malware

Malware analysis is an amazing field that can be interesting, fun, and useful for your cybersecurity career. If you’re wondering WHY anyone would want to dig into malware, it’s all for a better understanding of cybersecurity!

The post Malware Analysis: How to Analyze and Understand Malware appeared first on Black Hills Information Security, Inc..

  •  

OSINT: How to Find, Use, and Control Open-Source Intelligence

OSINT stands for open-source intelligence, and it refers to all publicly available information on the open internet which has been obtained without any special requirements (paywalls, invitations, etc.).

The post OSINT: How to Find, Use, and Control Open-Source Intelligence appeared first on Black Hills Information Security, Inc..

  •  

What to Do with Your First Home Lab

Having assembled fundamental lab components, you now get to play! However, the ocean of potential projects can be intimidating. Where does one even start?

The post What to Do with Your First Home Lab appeared first on Black Hills Information Security, Inc..

  •  

When the SOC Goes to Deadwood: A Night to RememberΒ 

Hear a tale about the time the BHIS SOC team conducted a 14-hour overnight incident response... from the Wild West Hackin' Fest conference in Deadwood, South Dakota.

The post When the SOC Goes to Deadwood: A Night to RememberΒ  appeared first on Black Hills Information Security, Inc..

  •  

Social Engineering and Microsoft SSPR: The Road to Pwnage is Paved with Good IntentionsΒ 

Social Engineering and Microsoft SSPR

This scenario simultaneously tests identity confirmation tooling (SSPR, MFA, Conditional Access), how users act under pressure, and the organization's ability to detect and follow-up on social engineering attacks.

The post Social Engineering and Microsoft SSPR: The Road to Pwnage is Paved with Good IntentionsΒ  appeared first on Black Hills Information Security, Inc..

  •  

Common Cyber Threats

In today’s interconnected digital world, information security has become a critical concern for individuals, businesses, and governments alike. Cyber threats, which encompass a wide range of malicious activities targeting information systems, pose significant risks to the confidentiality, integrity, and availability of data.

The post Common Cyber Threats appeared first on Black Hills Information Security, Inc..

  •  

How to Perform and Combat Social Engineering

This article was originally published in the second edition of the InfoSec Survival Guide. Find it free online HERE or order your $1 physical copy on the Spearphish General Store. […]

The post How to Perform and Combat Social Engineering appeared first on Black Hills Information Security, Inc..

  •  

How To Deploy Windows Optics: Commands, Downloads, Instructions, and Screenshots

Jordan Drysdale & Kent Ickler // TL;DR Look for links, download them. Look for GPOs, import them. Look for screenshots, for guidance. Sysmon + Windows Audit Policies + Event Collectors […]

The post How To Deploy Windows Optics: Commands, Downloads, Instructions, and Screenshots appeared first on Black Hills Information Security, Inc..

  •  

The Curious Case of theΒ Comburglar

By Troy Wojewoda During a recent Breach Assessment engagement, BHIS discovered a highly stealthy and persistent intrusion technique utilized by a threat actor to maintain Command-and-Control (C2) within the client’s […]

The post The Curious Case of theΒ Comburglar appeared first on Black Hills Information Security, Inc..

  •  

How to Set Smart Goals (That Actually Work For You)

Setting goals is a deceptively simple career skill we all know is important, but how do you set goals you’re actually excited to work towards?

The post How to Set Smart Goals (That Actually Work For You) appeared first on Black Hills Information Security, Inc..

  •  
❌