Ssh… Don’t Tell Them I Am Not HTTPS: How Attackers Use SSH.exe as a Backdoor Into Your Network

Derek Banks // Living Off the Land Binaries, Scripts, and Libraries, known as LOLBins or LOLBAS, are legitimate components of an operating system that threat actors can use to achieve […]

The post Ssh… Don’t Tell Them I Am Not HTTPS: How Attackers Use SSH.exe as a Backdoor Into Your Network appeared first on Black Hills Information Security, Inc.

Digital Bug Out Bag: A Nerd and His Family Running From a Hurricane

Derek Banks // I live in an area that was initially projected to be hit by Hurricane Florence. Four days prior to the storm making landfall the governor of my state […]

The post Digital Bug Out Bag: A Nerd and His Family Running From a Hurricane appeared first on Black Hills Information Security, Inc.

End-Point Log Consolidation with Windows Event Forwarder

Derek Banks // I want to expand on our previous blog post on consolidated endpoint event logging and use Windows Event Forwarding and live off the Microsoft land for shipping […]

The post End-Point Log Consolidation with Windows Event Forwarder appeared first on Black Hills Information Security, Inc.

How To Do Endpoint Monitoring on a Shoestring Budget – Webcast Write-Up

Joff Thyer & Derek Banks // Editor’s Note: This is a more in-depth write-up based on the webcast which can be watched here. As penetration testers, we often find ourselves […]

The post How To Do Endpoint Monitoring on a Shoestring Budget – Webcast Write-Up appeared first on Black Hills Information Security, Inc.

WEBCAST: How To Do Consolidated Endpoint Monitoring on a Shoestring Budget

Derek Banks & Joff Thyer // If you’re not currently logging and monitoring the Windows endpoints on the edge of your network you are missing valuable information that is not […]

The post WEBCAST: How To Do Consolidated Endpoint Monitoring on a Shoestring Budget appeared first on Black Hills Information Security, Inc.

You Down With APP? (Yeah You Know Me)

Derek Banks // Yes, I date myself with reference in the title of this blog post. I can be lame like that. A fair amount of my time at $last_gig […]

The post You Down With APP? (Yeah You Know Me) appeared first on Black Hills Information Security, Inc.

More on Threat Intelligence Feeds

Derek Banks // John’s hating on threat intelligence feeds post got me thinking. As a former blue team member that is now solidly purple team, I do not hate threat intelligence […]

The post More on Threat Intelligence Feeds appeared first on Black Hills Information Security, Inc.

Developing Hacking Kung Fu (or How To Get Into Information Security)

Derek Banks // More than occasionally I am asked how to get into Information Security as a profession. As attacks and breaches continue to escalate in frequency the demand […]

The post Developing Hacking Kung Fu (or How To Get Into Information Security) appeared first on Black Hills Information Security, Inc.
