
PODCAST: Sacred Cash Cow Tipping 2019

Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of this is to […]

The post PODCAST: Sacred Cash Cow Tipping 2019 appeared first on Black Hills Information Security, Inc..

Webcast: Sacred Cash Cow Tipping 2019

John Strand // Yet again it is time for another edition of Sacred Cash Cow Tipping! Or, “Why do these endpoint security bypass techniques still work? Why?” The goal of […]

The post Webcast: Sacred Cash Cow Tipping 2019 appeared first on Black Hills Information Security, Inc..

Treating Antivirus as “The Gold Standard”

Jordan Drysdale // Sacred Cash Cow Tipping Webcast 2018 follow-up The great Kaspersky Internet Security 2017 antivirus product lived up to and met all of my expectations in testing, so […]

The post Treating Antivirus as “The Gold Standard” appeared first on Black Hills Information Security, Inc..

A Morning with Cobalt Strike & Symantec

Joff Thyer // If you have been penetration testing a while, you likely have ended up in a Red Team situation or will be engaged in it soon enough. From […]

The post A Morning with Cobalt Strike & Symantec appeared first on Black Hills Information Security, Inc..

Bypassing Cylance: Part 5 – Looking Forward

John Strand // We just finished up a walk through of how we bypassed Cylance in a previous engagement. To conclude this exciting week, I want to share a few comments […]

The post Bypassing Cylance: Part 5 – Looking Forward appeared first on Black Hills Information Security, Inc..

Bypassing Cylance: Part 4 – Metasploit Meterpreter & PowerShell Empire Agent

David Fletcher // The following techniques serve to illustrate methods for obtaining C2 communication in a particular Cylance protected environment. The configuration of the centralized infrastructure and the endpoint agents […]

The post Bypassing Cylance: Part 4 – Metasploit Meterpreter & PowerShell Empire Agent appeared first on Black Hills Information Security, Inc..

Bypassing Cylance: Part 3 – Netcat & Nishang ICMP C2 Channel

David Fletcher // The following techniques serve to illustrate methods for obtaining C2 communication in a particular Cylance protected environment. The configuration of the centralized infrastructure and the endpoint agents […]

The post Bypassing Cylance: Part 3 – Netcat & Nishang ICMP C2 Channel appeared first on Black Hills Information Security, Inc..

Bypassing Cylance: Part 2 – Using DNSCat2

David Fletcher // The following techniques serve to illustrate methods for obtaining C2 communication in a particular Cylance protected environment. The configuration of the centralized infrastructure and the endpoint agents […]

The post Bypassing Cylance: Part 2 – Using DNSCat2 appeared first on Black Hills Information Security, Inc..

Bypassing Cylance: Part 1 – Using VSAgent.exe

David Fletcher // Recently, we had the opportunity to test a production Cylance environment. Obviously, each environment is going to be different and the efficacy of security controls relies largely […]

The post Bypassing Cylance: Part 1 – Using VSAgent.exe appeared first on Black Hills Information Security, Inc..

How to Bypass Anti-Virus to Run Mimikatz

Carrie Roberts // * Would you like to run Mimikatz without Anti-Virus (AV) detecting it? Recently I attempted running the PowerShell script “Invoke-Mimikatz” from PowerSploit on my machine but it was […]

The post How to Bypass Anti-Virus to Run Mimikatz appeared first on Black Hills Information Security, Inc..

How to Bypass Application Whitelisting & AV

Brian Fehrman // There are numerous methods that have been published to bypass Anti-Virus products. As a result, many companies are beginning to realize that application whitelisting is another tool […]

The post How to Bypass Application Whitelisting & AV appeared first on Black Hills Information Security, Inc..

Click to Enable Content

Sally Vandeven // Evading anti-virus scanners has become a bit of a sport around BHIS. When we do C2 testing for our customers we start with a host on the […]

The post Click to Enable Content appeared first on Black Hills Information Security, Inc..
