Author Archives: BHIS

Webcast: What Can Docker Do for Me?

Are you tired of spinning up an entire OS in a VM just to run a tool? Have you ever struggled to install a program you needed? When was the last time you spent hours troubleshooting a complex install process or resolving dependency conflicts? We’ve certainly experienced each of these problems ourselves. But since we […]

The post Webcast: What Can Docker Do for Me? appeared first on Black Hills Information Security.

How To: Applied Purple Teaming Lab Build on Azure with Terraform (Windows DC, Member, and HELK!)

Jordan Drysdale & Kent Ickler // tl;dr Ubuntu base OS, install AZCLI, unpack terraform, gather auth tokens, run script, enjoy new domain.  https://github.com/DefensiveOrigins/APT-Lab-Terraform For those of you who have been diligently following along – three webcasts now, a four-hour intro training session on a Saturday, our students who have attended the virtual courses – it […]

The post How To: Applied Purple Teaming Lab Build on Azure with Terraform (Windows DC, Member, and HELK!) appeared first on Black Hills Information Security.

Webcast: Atomic Purple Team Framework and Life Cycle

Jordan Drysdale & Kent Ickler // Jordan and Kent are back again to continue strengthening organizations’ information security human capital (That’s all you folks!). Organization Leadership and Security Practitioners can gain understanding on the potential designed-to-fail Purple Teams initiatives never reached their full potential. The Duo reviews how systemic organizational career pathing created an insoluble […]

The post Webcast: Atomic Purple Team Framework and Life Cycle appeared first on Black Hills Information Security.

Now That’s What I Call ADHD! 4

Moth & James Marrs // Introduction After a month of hard work, Python headaches, dependency hell, and a bit of tool necromancy, ADHD4 is here and we’re thrilled to share it with the community! This version features tools upgraded from Python 2 to Python 3, a fancy new applications menu, updated/reorganized documentation, and more. What’s […]

The post Now That’s What I Call ADHD! 4 appeared first on Black Hills Information Security.

Let’s Talk About TikTok

Derek Banks // I recently heard something on the news that caught my attention.  I suppose that isn’t abnormal these days, but this in particular was the first time I had heard of anything like it.  The US Government was considering banning a popular application in use on mobile devices.  Not just on government devices, […]

The post Let’s Talk About TikTok appeared first on Black Hills Information Security.

We Have Built a Cyber Range!

John Strand // Hello all! I wanted to take a few moments and share what we have been up to in conjunction with MetaCTF. We have built a cyber range!   https://www.blackhillsinfosec.com/services/cyber-range/ Yes, I know very well that this is not interesting.  However, there are a couple of things that are pretty neat about it. First, […]

The post We Have Built a Cyber Range! appeared first on Black Hills Information Security.

Webcast: What About Ransomware?

This is a joint webcast between Black Hills Information Security and the Wild West Hackin’ Fest conference. We hate ransomware. Like a lot. This is because we feel this is the future of cyber attacks. If you look at the recent cases and the newish versions that involve extortion, there is nothing to like. Well, […]

The post Webcast: What About Ransomware? appeared first on Black Hills Information Security.

Webcast: Modern Webapp Pentesting: How to Attack a JWT

So much information about testing webapps for security problems is old. Don’t get me wrong, the old stuff still works way more often than we’d like, but there’s more to webapp vulnerabilities than cross-site scripting and SQL injection. Take JWTs – JSON Web Tokens – for example. These are base64 encoded tokens that sometimes get […]

The post Webcast: Modern Webapp Pentesting: How to Attack a JWT appeared first on Black Hills Information Security.

Webcast: IPv6: How to Securely Start Deploying

Joff Thyer has dove into everything that is IPv6 and has so much to share about it. He gets really technical but in a way you’ll be able to understand. Google reports that over 30% of their systems access comes via the IPv6 protocol coming into 2020. Many Internet Service Providers have no remaining choice […]

The post Webcast: IPv6: How to Securely Start Deploying appeared first on Black Hills Information Security.

Webcast: Durable vs. Ephemeral Threat Intel

In this Black Hills Information Security webcast John breakdowns why he hates threat intelligence… Again… But, he breaks down some of the cool new projects that are focusing on durable threat intelligence. This is key because many intel feeds are nothing more than domains, hashes, and IP addresses. However, with durable threat intel, we see […]

The post Webcast: Durable vs. Ephemeral Threat Intel appeared first on Black Hills Information Security.