Pwned: The Information Security Podcast-logo

Pwned: The Information Security Podcast

Technology Podcasts

Pwned is a weekly information and cyber security podcast addressing real-world security challenges. Occasionally funny, always informational, and driven by those who live and breathe security. Each episode we dive into the latest and greatest in technology, security frameworks, best practices, and how-tos. We’ll chat with industry leaders to learn how they got to where they are, what they see coming, and how they learned from their mistakes.

Pwned is a weekly information and cyber security podcast addressing real-world security challenges. Occasionally funny, always informational, and driven by those who live and breathe security. Each episode we dive into the latest and greatest in technology, security frameworks, best practices, and how-tos. We’ll chat with industry leaders to learn how they got to where they are, what they see coming, and how they learned from their mistakes.

Location:

Colchester, Vermont

Description:

Pwned is a weekly information and cyber security podcast addressing real-world security challenges. Occasionally funny, always informational, and driven by those who live and breathe security. Each episode we dive into the latest and greatest in technology, security frameworks, best practices, and how-tos. We’ll chat with industry leaders to learn how they got to where they are, what they see coming, and how they learned from their mistakes.

Twitter:

@NuHarbor

Language:

English

Contact:

1-800-917-5719


Episodes

Breach of the Week – How About You Nintendon’t Do That

6/4/2020
In this week's Breach of the Week episode we talk about a big breach at Nintendo that revealed NNID, Nintendo's ID system, which is linked to other private and payment info. Justin and Zack then discuss everything from the cost of video games to video game streaming. Also, we discuss video game currencies and how big streaming video games is. Like, share, subscribe! Link to story: https://www.cshub.com/attacks/articles/incident-of-the-week-nintendo-investigating-160000-account-breaches Check...

Duration:00:16:00

Pwned Gigabyte – Say Hello to REDSEC with Kyle

6/2/2020
This week we are welcoming Kyle to the podcast to tell us all about REDSEC. We'll learn who they are and how they help clients find vulnerabilities before the bad guys do. Kyle will talk about why we have updated and centralized the offensive testing side of the house at NuHarbor and what sets it apart from other offensive security organizations. From snooping Wi-Fi to phishing for credentials to hacking webapps, nothing is safe from the skilled operators. We also talk about R.A.V.E.N., the...

Duration:00:36:31

Breach of the Week – Marriott Meltdown

5/28/2020
In this weeks Breach of the Week, Justin and Zack discuss not one, but two, separate breaches at Marriott hotels, one releasing nearly enough data for every person in the United States! Will this stop Justin and Zack from ever staying at a Marriott again or will they cash in those reward points for a future room upgrade? Tune in to find out! You can find more breaches at the privacy rights clearing house: https://privacyrights.org/data-breaches Check out NuHarbor Security for complete cyber...

Duration:00:09:04

Attracting and Keeping Your Cyber Security Talent

5/26/2020
It's graduation season and despite the very strange and challenging times we live in, a lot of awesome and talented students are about to be unleashed into the world and if you're a cyber security company that's trying to attract them, Justin has some thoughts. Maybe you already have a full roster but for some reason you just cannot seem to figure out why your best folks keep leaving, well, Justin has some thoughts on that as well. Attracting and keeping your talent is difficult and...

Duration:00:14:19

Breach of the Week: War Stories With Eric

5/21/2020
On this week's episode, we're testing how far a breach can go and what happens when a customer is 100% positive they're system is bullet proof. Can Eric drop ship a very expensive item to prove a point? Can Randy print himself a badge so that he doesn't have to wait for one? Did Justin really want a tractor for the office? Our dynamic duo of Eric and Randy are back and it's Eric's turn to share some of his penetration testing highlights. Here's another chance to get a peek behind the curtain...

Duration:00:15:30

Why Government Is the Ultimate Ransomware Target

5/19/2020
Why are government agencies constantly a target for ransomware? Not a day goes without a story about a city or government agency that is found itself on the losing end of a ransomware attack. Adversaries can create relentless attacks on networks looking for any vulnerabilities to exploit and get unlimited tries while an agency only needs one person to make a mistake and compromise an entire system. Justin will share his thoughts on why governments are such attractive targets and why...

Duration:00:07:47

Pwned Breach of the Week – War Stories with Randy

5/14/2020
This week we're again joined by Eric and Randy to hear some war stories. Randy takes us through the time that he immediately accessed a bunch of very critical files while he was hanging out waiting for an engagement to begin. He also discusses how Justin tried to talk him into making a very large statement to let the customer know that they'd been had and how Randy had to talk Justin out of it. Randy also sheds some light on how something as simple as opening up the system to allow for some...

Duration:00:14:03

Pwned GigaBytes – Hiring and Recruiting with Emi and Allie

5/12/2020
Whether you recently graduated or are looking to break into cyber security, you need to check out our hiring and recruiting episode with two of our Talent Acquisition Specialists, Emi and Allie. Should you write a 20-page resume? How important are cover letters? What are companies like NuHarbor looking for? Should you include a recipe for your world-famous spaghetti recipe? We are going to learn what happens behind the scenes after you upload your resume and hit submit and with any luck,...

Duration:00:34:36

Breach of the Week – Catch of the Day

5/7/2020
We live in a world where everything is connected to the internet, even fish tanks, and as we learn in today's episode, that internet connected fish tanks can cause you some real headaches. Justin found a story about a fish tank in a casino that was used to access a lot of sensitive data and Zack reveals why he is no longer welcome at PetSmart. We also explore the potentially lucrative market of protecting internet connected fish tanks. We are just beginning to see how difficult securing your...

Duration:00:12:02

Pwned GigaByte – Eric and Randy Get Paid to Break Into Other Peoples Stuff

5/5/2020
On this week's episode of Pwned, Justin and Zack are joined by Eric and Randy, two operators from our penetration testing team. This is another long episode and we are spending that time to learn everything about how our team uses white hat techniques to poke, prod, and punch into various systems. They will be discussing the tactics, techniques, and procedures used by adversaries how they simulate attacks, from creating code that will give them credentials to walking in a building and...

Duration:01:01:44

Pwned Breach of The Week: Your Online Dating Data Is Ready to Mingle

4/30/2020
On this week’s episode of Pwned Breach of the Week, we are checking out dating data that found itself on the market, unfortunately it was not interested in starting a new relationship. The data breach resulted in numerous online dating services finding their client information on the dark web for sale to the highest bidder. In an age of increasing online dating, this type of breach can be expensive, revealing, and in some cases, quite embarrassing. Justin provides some helpful tips in how...

Duration:00:07:45

The Vulnerability of Artificial Intelligence

4/28/2020
You would be hard pressed to find a cyber security company that isn't marketing its artificial intelligence capabilities. If you believe the hype, you probably think that AI can block zero day attacks, find the bad guys, and bring them to justice. The reality of what AI can and can't do, is quite different from what you may be seeing in advertisements. While it's not a silver bullet, AI does have a role in cyber security. Can it catch things that the good ol' fashioned human being would...

Duration:00:08:41

Pwned Breach of the Week: Measure Twice, Cut Once, and Check Your Email Attachments

4/23/2020
On this week’s Breach of the Week, we learn the importance of measure twice, cut once. Why are we sharing this timeless carpentry advice? Well, for one, it is great advice to ensure you don't waste construction materials but for our purposes, the breach this week is about an email sent out with the best of intentions and instead releasing significant PII data. As if you need another reason to check your email, we also talk about an email involving Nicholas Cage and yet another email that...

Duration:00:09:02

Pwned GigaByte – Chad and Travis Discuss Industry Trends, the Impacts of COVID-19, and the Future of Remote Working

4/21/2020
Welcome to our first GigaByte episode! In this long episode, we are taking a big dive into information and cyber security industry trends with two of our Trusted Security Advisors, Chad, and Travis. They share what they have seen over the last few months, what changed with COVID-19 and what the future holds for the information security industry. As the industry has adapted, so has NuHarbor (in fact, this entire podcast was recorded remotely) and Chad and Travis explain how they have had to...

Duration:00:35:46

Pwned Breach of the Week: The Case of the Missing CD-ROM

4/16/2020
This week we're mixing it up with our Breach of the Week: The Case of the Missing CD-ROM. Yes, CD-ROM. Zack and Justin discuss the theft of a CDROM with PII and ponder why anyone would want to steal a CD-ROM and if they would even have a drive to get the data off in the first place. A real whodunit. Was it the Smithsonian, a confused child, or a Pintrest fail? Tune in to find out. Also, we've already hit 1000 listens for the new season! Thank you to everyone that listens to and enjoys our...

Duration:00:05:50

TTPs for COVID-19 Threats

4/14/2020
This week we're exploring Tactics, Techniques and Procedures (TTP) related to COVID-19 threats. As with many disasters, cyber criminals are hoping to exploit people who are trying to find helpful information online and may be more likely to open sketchy links or email attachments. Therefore, the best ways to protect your organization is to understand what these threats look like, how they work, and who may be behind them, all of which requires that you understand the TTPs being used. So,...

Duration:00:11:00

Pwned Byte Sized – Continuity of Operations Planning

4/10/2020
On today's episode we're talking COOP, or Continuity of Operations Planning. It's estimated that as many as 50 percent of businesses impacted by a disaster will fail and that number is even higher for small businesses. You're likely operating some form of a COOP plan due to COVID-19 and you may not have even realized it and hopefully you had a plan before everything hit the fan. Unfortunately, we're seeing business close up shop because they were not prepared. COOP at it's most basic level...

Duration:00:01:42

SOAR for MSSPs

4/7/2020
This week we explore security orchestration, automation and response (SOAR) and how managed security service providers (MSSP) can leverage SOAR to better secure your organization. We'll discuss the challenges of traditional security monitoring and the benefits of working with an MSSP that integrates SOAR in its practice to be better prepared to respond to real events and understand how traditional methods of monitoring cyber security events can create complacency and miss real world...

Duration:00:07:35

Pwned Byte Sized – Keeping Your Web Conferences Secure!

4/2/2020
Without question, we've entered a new era of web-based meetings. This has become how most companies are conducting business with the current pandemic. And I suspect this is going to remain even active after we're all back at our offices. One thing that's come up with the proliferation of web meetings is the failure to secure those meetings. It's gotten bad enough that the FBI field office in Boston actually sent out an advisory today talking about the risks of meetings being infiltrated. So,...

Duration:00:01:40

Securing Your Remote Workforce

3/31/2020
Many organizations are finding themselves scrambling to secure their remote workforce due to COVID-19. On this episode, we're talking remote workforce security best practices and what you can do to keep your team running out of the office. Best case scenario, you planned and exercised for just this situation and your team was ready to make the switch to off site, your staff were trained on how to securely work away from the office, and your system was built to keep your network and data safe...

Duration:00:11:33