Pwned: The Information Security Podcast


Author: Justin Fimlaid


Description

Pwned is a weekly information and cyber security podcast addressing real-world security challenges. Occasionally funny, always informational, and driven by those who live and breathe security. Each episode we dive into the latest and greatest in technology, security frameworks, best practices, and how-tos. We’ll chat with industry leaders to learn how they got to where they are, what they see coming, and how they learned from their mistakes.
66 Episodes
We have a very special episode this week! NuHarbor Security is literally the best place to work. Seriously, NuHarbor was selected as a "Best Places to Work in Vermont" for the second time! Justin and Zack discuss why they think NuHarbor was selected and why NuHarbor staff members make the difference. Justin also talks about how having a strong corporate philosophy that emphasizes staff wellness above all else can help any company succeed and how he prioritizes building a company of people who work well together. You can read more about the award and Justin's remarks as we received the award here: https://www.nuharborsecurity.com/best-place-to-work-2020  You can join NuHarbor and find out why we're a best place to work by visiting our career page at https://www.nuharborsecurity.com/careers Check out NuHarbor Security for complete cyber security protection for your business and a security partner you can trust. Website: https://www.nuharborsecurity.com Facebook: https://www.facebook.com/nuharbor/ Twitter: https://twitter.com/NuHarbor@nuharbor LinkedIn: https://www.linkedin.com/company/nuharbor/ Instagram: https://www.instagram.com/nuharborsecurity/
On this week's Breach of the Week, we're talking CIA and a pretty epic dump of highly sensitive and classified materials, including some of the most dangerous hacking tools they've created. Was it a nation state looking to seek revenge? Was it a hacking group that penetrated the deepest depths of the government's networks? Listen and find out (hint: it wasn't either of those things). Justin gives his thoughts on how this went down and on the lack of good policies and procedures, and we talk about the risk of the insider threat. Link to the story: https://www.washingtonpost.com/national-security/elite-cia-unit-that-developed-hacking-tools-failed-to-secure-its-own-systems-allowing-massive-leak-an-internal-report-found/2020/06/15/502e3456-ae9d-11ea-8f56-63f38c990077_story.html
On this week's episode Justin discusses cyber threat intelligence and why it takes a combination of good systems, smart people, and solid processes to stay ahead of the bad guys. Justin also shares some sources you can use to find intel and some thoughts on how to use that intel effectively, including building your platform to manage all the data. You're going to be drinking from a fire hose once you start ingesting intel, so Justin also provides his thoughts on how to make sense of everything and how hiring someone, perhaps NuHarbor Security, can help take that raw intel and use it to create a robust security posture that isn't constantly feeding you false positives. If you like this episode, you should check out our episode with Davis, one of our Cyber Threat Analysts: https://www.nuharborsecurity.com/pwned-gigabytes-davis-finds-threats-before-they-find-you/
On this week's episode we are digging into a specific Maze ransomware attack that hit one of the biggest security firms on the planet. We ask what it means when a security company gets hit, note that they'll probably be just fine with their billions of dollars, and debate whether or not we should cut them some slack. While we don't know how much they ultimately paid the hackers, we know that they estimate the impact to their company to be in the tens of millions of dollars, which for a company of this size is probably not something they wanted to deal with but have the resources to handle.
Despite the mediocre R.E.M. pun, this is a good episode. We're covering ShinyHunters and how they got busy in May dumping millions of accounts onto the dark web. Zack learns that hacked data doesn't necessarily arrive ready to use, and Justin laments the fact that hackers only need to be right once while businesses need to be right 100% of the time. We also talk about the return of Anonymous and who they're targeting during their resurgence. Once again, we suggest you let REDSEC, our offensive security team, hack you before someone else does. Check out the full Wired story here: https://www.wired.com/story/shinyhunters-hacking-group-data-breach-spree/
On this week's episode we're talking to Davis about threat analysis and how he sifts through the noise to help keep organizations safer from security threats. We cover everything from the alphabet soup of infosec acronyms, to why having human eyes on intel can strengthen information security, to what the future holds in threat analysis. Davis sits on the purple side of the house, between the REDSEC offensive security team and the groups defending against attacks. Justin also gets another opportunity to take a shot at AI, and again we are reminded that even with the best technology, you gotta make sure the people who work for you are not downloading sketchy files.
In this week's Breach of the Week episode we talk about a big breach at Nintendo that exposed NNID, Nintendo's ID system, which is linked to other private and payment info. Justin and Zack then discuss everything from the cost of video games to video game streaming. We also discuss video game currencies and how big streaming video games has become. Like, share, subscribe! Link to story: https://www.cshub.com/attacks/articles/incident-of-the-week-nintendo-investigating-160000-account-breaches
In this week's Breach of the Week, Justin and Zack discuss not one, but two, separate breaches at Marriott hotels, one releasing nearly enough data to cover every person in the United States! Will this stop Justin and Zack from ever staying at a Marriott again, or will they cash in those reward points for a future room upgrade? Tune in to find out! You can find more breaches at the Privacy Rights Clearinghouse: https://privacyrights.org/data-breaches
It's graduation season and, despite the very strange and challenging times we live in, a lot of awesome and talented students are about to be unleashed into the world. If you're a cyber security company that's trying to attract them, Justin has some thoughts. Maybe you already have a full roster but for some reason you just cannot figure out why your best folks keep leaving; well, Justin has some thoughts on that as well. Attracting and keeping your talent is difficult and expensive. Yes, you gotta spend money to make money, and that goes for your people as well. Finally, Justin has a few thoughts on how you can build your skill set by building your own lab and putting in the work on your own time to make yourself a better candidate. A little something for everyone. Like, share, rate, and review! Let us know what you think! We're also including an in-depth blog post to allow you to dig deeper into this episode and find ways to recruit and retain cyber talent: https://www.nuharborsecurity.com/attracting-keeping-cybersecurity-talent
This week we're again joined by Eric and Randy to hear some war stories. Randy takes us through the time he immediately accessed a bunch of very critical files while he was hanging out waiting for an engagement to begin. He also discusses how Justin tried to talk him into making a very large statement to let the customer know that they'd been had, and how Randy had to talk Justin out of it. Randy also sheds some light on how something as simple as opening up a system to allow for some maintenance can be the thing that takes down your company. Learn from the pros so you don't find yourself on our next Breach of the Week! You can find more breaches at the Privacy Rights Clearinghouse: https://privacyrights.org/data-breaches
Whether you recently graduated or are looking to break into cyber security, you need to check out our hiring and recruiting episode with two of our Talent Acquisition Specialists, Emi and Allie. Should you write a 20-page resume? How important are cover letters? What are companies like NuHarbor looking for? Should you include the recipe for your world-famous spaghetti? We are going to learn what happens behind the scenes after you upload your resume and hit submit and, with any luck, help you get hired for your next cyber security job. A lot of tech companies are hiring, and most of us probably have an idea of what we think sets us apart, but Emi and Allie are going to set us straight on what catches a recruiter's eye and how to stand out without being obnoxious. If you think you are a cyber security rock star and want to work for a company that values your skills as much as your work/life balance, check out the latest job postings and reach out to Emi and Allie on our career page: https://www.nuharborsecurity.com/careers
We live in a world where everything is connected to the internet, even fish tanks, and as we learn in today's episode, an internet-connected fish tank can cause you some real headaches. Justin found a story about a fish tank in a casino that was used to access a lot of sensitive data, and Zack reveals why he is no longer welcome at PetSmart. We also explore the potentially lucrative market of protecting internet-connected fish tanks. We are just beginning to see how difficult securing your data is when everything we own has an IP address and is ready for exploitation. For all this and more, check out this week's Breach of the Week! You can find more breaches at the Privacy Rights Clearinghouse: https://privacyrights.org/data-breaches
On this week's episode of Pwned, Justin and Zack are joined by Eric and Randy, two operators from our penetration testing team. This is another long episode, and we are spending that time to learn everything about how our team uses white hat techniques to poke, prod, and punch into various systems. They discuss the tactics, techniques, and procedures used by adversaries and how they simulate attacks, from creating code that will give them credentials to walking into a building and plugging in a device. You will also learn the difference between penetration testing and vulnerability scans, and how Eric and Randy do their best to find vulnerability scan reports to prove the value of a true penetration test. Sidenote: yes, I said Petaflop and I meant Petabyte, and I'll forever live with this mistake. - Zack
On this week's episode of Pwned Breach of the Week, we are checking out dating data that found itself on the market; unfortunately, it was not interested in starting a new relationship. The data breach resulted in numerous online dating services finding their client information on the dark web for sale to the highest bidder. In an age of increasing online dating, this type of breach can be expensive, revealing, and in some cases quite embarrassing. Justin provides some helpful tips on how services can test their systems prior to a breach to protect them, and Zack professes his love for coffee and bagels. As always, we'd love to hear your feedback and your breach stories. You can find more breaches at the Privacy Rights Clearinghouse: https://privacyrights.org/data-breaches
You would be hard pressed to find a cyber security company that isn't marketing its artificial intelligence capabilities. If you believe the hype, you probably think that AI can block zero-day attacks, find the bad guys, and bring them to justice. The reality of what AI can and can't do is quite different from what you may be seeing in advertisements. While it's not a silver bullet, AI does have a role in cyber security. Can it catch things that the good ol' fashioned human being would otherwise miss? Can it actually stop attacks before they happen? On this week's episode Justin lays out what artificial intelligence is, what it can do, and why you should be cautious when you are looking to employ AI systems to protect your organization. We're also including an in-depth blog post to allow you to dig deeper into the episode and learn more about artificial intelligence: https://www.nuharborsecurity.com/vulnerability-ai
On this week's Breach of the Week, we learn the importance of "measure twice, cut once." Why are we sharing this timeless carpentry advice? Well, for one, it is great advice to ensure you don't waste construction materials, but for our purposes, the breach this week is about an email sent out with the best of intentions that instead released significant PII. As if you need another reason to check your email, we also talk about an email involving Nicolas Cage and yet another email that revealed who was pulling their weight at a big corporation. We highlight these mistakes because they are so easy that anyone could make them, proving yet again that human error is a significant vulnerability. So, check that email twice before sending, measure that board twice before cutting, and stay off our Breach of the Week! You can find more breaches at the Privacy Rights Clearinghouse: https://privacyrights.org/data-breaches
Welcome to our first GigaByte episode! In this long episode, we are taking a big dive into information and cyber security industry trends with two of our Trusted Security Advisors, Chad and Travis. They share what they have seen over the last few months, what changed with COVID-19, and what the future holds for the information security industry. As the industry has adapted, so has NuHarbor (in fact, this entire podcast was recorded remotely), and Chad and Travis explain how they have had to use their expertise to help information security professionals protect their organizations in a landscape that changes by the day. Chad and Travis also provide their thoughts on which changes are going to stick around, including significant increases in people working remotely and the challenges of using company devices, on personal networks, to log into company networks. How can companies prepare for this security challenge? Does the future of work involve more opportunities to stay in your pajamas? And will we ever have to go into a grocery store again? Tune in and find out!
This week we're mixing it up with our Breach of the Week: The Case of the Missing CD-ROM. Yes, CD-ROM. Zack and Justin discuss the theft of a CD-ROM containing PII and ponder why anyone would want to steal a CD-ROM, and whether they would even have a drive to get the data off it in the first place. A real whodunit. Was it the Smithsonian, a confused child, or a Pinterest fail? Tune in to find out. Also, we've already hit 1000 listens for the new season! Thank you to everyone who listens to and enjoys our podcast! Unfortunately, we're not satisfied with a mere 1000 listens and are challenging you to subscribe, like, share, rate, and review, and to get your fellow infosec and cyber security friends to listen. Next week we've got our first long episode, where we talk to two of our Trusted Security Advisors about trends in the cyber security industry and how COVID-19 has flipped everything on its head. You can find more breaches at the Privacy Rights Clearinghouse: https://privacyrights.org/data-breaches
This week we're exploring Tactics, Techniques and Procedures (TTPs) related to COVID-19 threats. As with many disasters, cyber criminals are hoping to exploit people who are trying to find helpful information online and may be more likely to open sketchy links or email attachments. Therefore, the best way to protect your organization is to understand what these threats look like, how they work, and who may be behind them, all of which requires that you understand the TTPs being used. So, check out this episode to learn about TTPs for COVID-19 threats. If you are enjoying these episodes, have ideas around topics, or would like to be on a future episode, contact us at pwned @ nuharborsecurity.com

Episode Transcript: PWNED Transcripts - S2E4 - TTPs for COVID-19 Threats

COVID-19 related TTPs:

1. Malware / Attack: Phishing
   Geography / Industry: Japan
   Lure: Coronavirus Info
   Info: Microsoft Word document with a malicious VBA macro. Installs Emotet via PowerShell.

2. Malware / Attack: Phishing
   Geography / Industry: United States
   Lure: "COVID-19 — Now Airborne, Increased Community Transmission", appears to be from CDC.gov (headers manipulated)
   Info: Originally identified by Cofense. When victims click on the embedded link, they are redirected to a Microsoft Outlook login page and, upon entering their legitimate credentials, are further redirected to a legitimate website of the CDC.

3. Malware / Attack: Phishing
   Geography / Industry: Italy
   Lure: "Coronavirus: informazioni importanti su precauzioni", appears to be from "Dr. Penelope Marchetti," an employee of the WHO in Italy
   Info: Emails contain Microsoft Office documents with VBA macros that install TrickBot malware, which steals personal information or installs additional malware.

4. Malware / Attack: Phishing
   Geography / Industry: South Korea
   Lure: Varying subject lines that claim to provide information about South Korea's response to COVID-19
   Info: Emails contain Microsoft Word documents that install North Korea's BabyShark malware.

5. Malware / Attack: Phishing
   Geography / Industry: United States
   Lure: Email claiming to provide victims with information on global FedEx operations while the COVID-19 outbreak continues
   Info: Emails contained an attachment titled "Customer Advisory.PDF. exe" that, when opened, infected the victim with the Lokibot malware.

6. Malware / Attack: Phishing
   Geography / Industry: United States
   Lure: COVID-19 type content
   Info: Originally identified by Proofpoint. These attacks involved emails with Microsoft Office document attachments designed to lure victims and exploit a Microsoft Office vulnerability, tracked as CVE-2017-11882, which allows attackers to run arbitrary code in the context of the current user, ultimately installing AZORult malware.

7. Malware / Attack: Phishing
   Geography / Industry: United States
   Lure: COVID-19 emails from CDC.gov
   Info: The URL contained within the phishing email led to a fake Microsoft Outlook login page designed to convince victims to input their credentials. In another instance, victims were asked to donate Bitcoin to the CDC to aid in the pursuit of a vaccine.
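The table above reads as a list of indicators a mail gateway or SOC analyst can check for: a From header that claims CDC.gov while the envelope sender is elsewhere, an executable hidden behind a document-looking name such as "Customer Advisory.PDF. exe", macro-capable Office attachments, and login-looking links on unexpected hosts. The Python below is an added example, not code from the podcast or from NuHarbor, that turns those indicators into triage checks and runs them over constructed sample messages; the Message fields, sample addresses, URLs and the trusted-host list are assumptions.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Office formats that can carry VBA macros (the Emotet, TrickBot and BabyShark lures used Office docs)
MACRO_CAPABLE = (".doc", ".docm", ".dot", ".dotm", ".xls", ".xlsm", ".ppt", ".pptm")
# Executable hidden behind a document-looking name, optionally with a space before the real
# extension, as in "Customer Advisory.PDF. exe"
DOUBLE_EXT = re.compile(r"\.(pdf|docx?|xlsx?|jpg|png)\s*\.\s*(exe|scr|com|bat|js|vbs)$", re.I)
# Lure vocabulary taken from the table: outbreak news, health agencies, FedEx operations
LURE_TERMS = ("covid", "coronavirus", "cdc", "world health", "fedex")
# Path or host fragments that make a link look like a credential-harvesting login page
LOGIN_HINTS = ("login", "signin", "outlook", "office", "owa")
# Assumed allowlist of hosts where a Microsoft login page is expected
TRUSTED_LOGIN_HOSTS = {"login.microsoftonline.com", "outlook.office.com", "outlook.live.com"}


@dataclass(frozen=True)
class Message:
    """Constructed, hypothetical message shape: only the fields the checks need."""
    from_addr: str        # address in the From header (what the user sees)
    return_path: str      # envelope sender (what the MTA actually saw)
    subject: str
    attachments: tuple = ()
    links: tuple = ()


def domain_of(address: str) -> str:
    return address.rsplit("@", 1)[-1].strip("<>").lower()


def triage(msg: Message) -> list:
    """Return the indicators matched by this message; an empty list means nothing was flagged."""
    findings = []
    subject = msg.subject.lower()
    if any(term in subject for term in LURE_TERMS):
        findings.append("outbreak/health-agency lure in subject")
    # Manipulated headers: From claims one domain, the envelope sender is another
    if domain_of(msg.from_addr) != domain_of(msg.return_path):
        findings.append(f"header mismatch: From {domain_of(msg.from_addr)} "
                        f"vs Return-Path {domain_of(msg.return_path)}")
    for name in msg.attachments:
        if DOUBLE_EXT.search(name.strip()):
            findings.append(f"executable disguised as document: {name}")
        elif name.lower().endswith(MACRO_CAPABLE):
            findings.append(f"macro-capable Office attachment: {name}")
    for url in msg.links:
        parts = urlparse(url)
        looks_like_login = any(h in (parts.netloc + parts.path).lower() for h in LOGIN_HINTS)
        if looks_like_login and parts.netloc.lower() not in TRUSTED_LOGIN_HOSTS:
            findings.append(f"login page on untrusted host: {parts.netloc}")
    return findings


# Constructed samples modelled on rows of the table (all domains are placeholders)
SAMPLES = {
    "cdc_spoof": Message("alerts@cdc.gov", "bounce@mail-relay.example.net",
                         "COVID-19 — Now Airborne, Increased Community Transmission",
                         links=("http://cdc-gov-update.example/outlook/login.php",)),
    "fedex_lokibot": Message("notice@fedex-ops.example", "notice@fedex-ops.example",
                             "Global FedEx operations during the COVID-19 outbreak",
                             attachments=("Customer Advisory.PDF. exe",)),
    "emotet_macro": Message("info@health-news.example", "info@health-news.example",
                            "Coronavirus Info", attachments=("coronavirus_info.doc",)),
    "benign": Message("hr@corp.example", "hr@corp.example", "Q3 parking reminder",
                      links=("https://intranet.corp.example/parking",)),
}


def triage_all(samples=SAMPLES) -> dict:
    return {name: triage(msg) for name, msg in samples.items()}


if __name__ == "__main__":
    for name, findings in triage_all().items():
        print(name, "->", findings or "clean")
```

The checks are deliberately coarse; in practice they feed a scoring or quarantine rule rather than block on their own.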
On today's episode we're talking COOP, or Continuity of Operations Planning. It's estimated that as many as 50 percent of businesses impacted by a disaster will fail, and that number is even higher for small businesses. You're likely operating some form of a COOP plan due to COVID-19 and may not have even realized it, and hopefully you had a plan before everything hit the fan. Unfortunately, we're seeing businesses close up shop because they were not prepared. COOP at its most basic level is planning for how you'll maintain your business's critical functions before, during, and after a major disruption. What exactly does it cover? Some basic things to plan for include how you'll communicate and access data, how staff will work, what systems must remain operational, how long you can function in a contingency mode, organizing your teams, delegating authority, and how you'll get back to normal operations. What can you do to prepare? FEMA has developed two online courses specific to COOP planning during a pandemic: IS 520: Introduction to Continuity of Operations Planning for Pandemic Influenza and IS 522: Exercising Continuity Plans for Pandemics. These courses provide a great intro to the COOP process and can help build a solid foundation of training and experience. There are a number of different standards to help assess and guide your COOP planning efforts, and many organizations that can assist you, from federal agencies to private sector consultants. Continuity of Operations Planning is a critical process that will help ensure your organization can survive any disaster. If you need assistance with your cyber COOP planning, contact us at NuHarbor Security today. As always, thank you to our sponsor, NuHarbor Security, your end-to-end provider of security services and solutions. If you're looking for smart security solutions for your business and a security partner that actually gives a *BEEP*, visit us at www.nuharborsecurity.com