
Securing the Cloud: A Story of Research, Discovery, and Disclosure

Jordan Drysdale // tl;dr BHIS made some interesting discoveries while working with a customer to audit their Amazon Web Services (AWS) infrastructure. At the time of the discovery, we found […]

The post Securing the Cloud: A Story of Research, Discovery, and Disclosure appeared first on Black Hills Information Security, Inc.

  •  

Cisco Smart Install Escalation and Update!

Jordan Drysdale // tl;dr Both Cisco and Nessus have escalated the Smart Install Client Service feature/vulnerability. Nessus is now reporting the Smart Install RCE as critical. High five!!! Cisco has also […]

The post Cisco Smart Install Escalation and Update! appeared first on Black Hills Information Security, Inc.

  •  

Cisco Smart Installs and Why They’re Not “Informational”

Jordan Drysdale // tl;dr Cisco Smart Install is awesome (on by default)…for hackers… not sysadmins. So, you Nessus too? Criticals and highs are all that matter! Right??? Until this beauty […]

The post Cisco Smart Installs and Why They’re Not “Informational” appeared first on Black Hills Information Security, Inc.

  •  

What to Expect from a Vulnerability Scan

Dakota Nelson // For a lot of our customers, their first introduction to pentesting is a vulnerability scan from BHIS. This is after talking to the testers, of course, and setting […]

The post What to Expect from a Vulnerability Scan appeared first on Black Hills Information Security, Inc.

  •  

How to Scan Millions of IPv4 Addresses for Vulnerabilities

Jordan Drysdale // Some days are not like others. Some days, you might get tasked with scanning a million IP addresses. Here’s how I did it: Let’s go through some finer […]

The post How to Scan Millions of IPv4 Addresses for Vulnerabilities appeared first on Black Hills Information Security, Inc.

  •  

Service Detection – Tomcat Manager, From “Info” to “Ouch”

Carrie Roberts // Continuing on the thread of highlighting Nessus vulnerability scan results that turned out to be more severe than reported . . . I always review the “Info” level “Service Detection” […]

The post Service Detection – Tomcat Manager, From “Info” to “Ouch” appeared first on Black Hills Information Security, Inc.

  •  

Asterisk SIP Server, From “Info” to “Ouch”

Carrie Roberts // I learned some new stuff that will make me pay attention to “Asterisk Detection” Nessus informational findings in the future . . . On an external network […]

The post Asterisk SIP Server, From “Info” to “Ouch” appeared first on Black Hills Information Security, Inc.

  •  