Blog
Securing Healthcare from Ransomware Attacks
October is National Cyber Security Awareness Month, and one of the main themes for 2020 is Securing Internet-Connected Devices in Healthcare. Securing IT devices in healthcare is critical, as any system downtime can lead to deaths and degraded response to emergencies....
Disaster Preparedness with NIST 800-53
September is National Preparedness Month and October is National Cybersecurity Awareness Month, which makes it a great time to review your organization’s disaster preparedness strategy. Implementing a contingency plan for a natural disaster could be the difference...
Breach of the Week: QR Code Quagmire
We're talking QR codes this week and no, it is not 2010. QR codes are back and they're doing more than ever. QR codes have returned to help us do contactless payments, authentication, and all the other fun stuff they could do before, however, like everything digital,...
Threat Hunting Basics – The Hunted Becomes the Hunter
What is Threat Hunting? Threat hunting is the process of proactively searching through environments and networks to detect and isolate advanced threats that were not discovered by traditional security solutions. Threat hunting assumes that the environment is already...
NuHarbor Security Announces NuHarbor Powered by Splunk + Tenable in Partnership with NACo
Colchester, VT – September 14, 2020: Premier cybersecurity services provider NuHarbor Security is teaming up with trusted partners and industry leaders, Splunk and Tenable, to deliver a turnkey managed security and vulnerability solution for the National Association...
Cyber Threat Intelligence 101 – The Basics
What is Cyber Threat Intelligence? Cyber Threat intelligence is information that is used to identify and understand cyber threats to an organization. This intelligence is used to identify threats that could be a risk to an organization and make informed decisions to...
CrowdStrike MDR – Detection Services (Part 1 of 4)
This is part 1 of a 4 part of CrowdStrike Managed Detection and Response (MDR) series. The very first thing you should know about managed detection and response (MDR) providers is that the best service can only exist with the best technology. What I mean by that, is...
Bringing SIEM to the Next Level
What is a SIEM? Security Information and Event Management (SIEM) is a broad term that encompasses software, appliances, and managed services that combine security information management and security event management. These services include the ability to aggregate...
Building an Information Security Management System with ISO 27001
Who Needs ISO 27001? Every day we hear from organizations being asked if they are 27001 compliant and what they need to do to become compliant. The ISO 27001 standard provides a very well-rounded assessment to prove you have an effective information security...
NuHarbor Security Named a 2020 Best Place to Work in Vermont
For the second time, NuHarbor Security has been selected as a “Best Places to Work in Vermont” recipient. NuHarbor received notification of being selected in early Spring but restrictions on events due to the COVID-19 pandemic resulted in the awards ceremony being...
Web App Vulnerability Basics: Insecure Direct Object Reference
This is an article in a series on Web Application Vulnerability Basics. What Is Insecure Direct Object Reference? Insecure Direct Object Reference, also known as IDOR, is a reference to an internal implementation object that is exposed to a user without proper...
Breach of the Week – Shocked and Amazed
On this week’s episode we are digging into a specific Maze Ransomware attack that hit one of the biggest security firms on the planet. What does it mean when a security company gets hit, how they'll probably be just fine with their billions of dollars, and whether or...
Web App Vulnerability Basics: Cross-Site Scripting
This is an article in a series on Web Application Vulnerability Basics. What Is Cross-Site Scripting? Cross-Site Scripting, also known as “XSS”, is a web exploit that allows an attacker to inject malicious content (such as markup, or scripts) into a web application....
Top Five Security Podcasts You Should Be Listening To
If you’re like me, finding good podcast content is hard. I really struggle as I either like podcasts that bend my brain a bit or tells a good story where I can be entertained. Too often I come across podcasts that drone on forever about meaningless topics or...
NuHarbor Security releases CMMC Certification Support for Splunk MSSP clients
Splunk MSSP and CMMC Certification Support NuHarbor Security has released CMMC support for Splunk MSSP clients that need to pursue Cybersecurity Maturity Model Certification. The cyber security maturity model certification is a new standard for implementing...