The NuHarbor Notice
Mailbag – Grassroots Organizations: From BSides to Breaches & Beer
Another pull from the mailbag combined with some wisdom from BSides' Jack Daniel prompt Justin and Jack to talk about the importance and authenticity of cyber grassroots groups. "These types of organizations are exactly who we need in the community" - Justin Fimlaid...
Breach of the Week – Lapsus$ Dancing With NVIDIA
Recently, former ransomware group Lapsus$ threatens to expose the private information of NVIDIA if they don't stop disabling crypto-mining. Justin and Jack break it down. If you have any questions or suggestions, send us an email at [email protected] If you...
RightSwipes – Google Swipes Their Ideal Man-diant
In a security community match that tops a Kardashian hookup, Google and Mandiant have found each other and this time, Justin and Jack aren't in sync on the love match. Come hear why. If you have any questions or suggestions, send us an email at...
Ubuntu Server Hardening Guide
Original Author: Hunter Gregal Updated By: Justin Fimlaid ***NOTICE*** To those reading this... 3/8/22: I think *most* of this information is still good but please be cognizant of the Ubuntu version numbers. There's some great comments at the bottom about additional...
Meet the New NeynPhone
A new Breach of the Week episode highlights NSO, Pegasus, and iPhone breaches. If you have any questions or suggestions, send us an email at [email protected] If you like our content, please like, share, and subscribe! We'll catch you next time. Resources...
Butts as Biometrics
A rant on "Eyes on Glass" turns into a new entry into the Pit of Despair. If you have any questions or suggestions, send us an email at [email protected] If you like our content, please like, share, and subscribe! We'll catch you next time. Check out...
RightSwipes – Is Optiv Available for Swiping?
It looks like KKR and Optiv may be moving on. Was this a missed Swipe, or have they just grown apart? Justin and Jack have got the details. If you have any questions or suggestions, send us an email at [email protected] If you like our content, please like,...
Mailbag Mission: Certifiable Interest
Jesse wants to go from Down Under to tops in cybersecurity, and is looking to Justin and Jack for some advice. If you have any questions or suggestions, send us an email at [email protected] If you like our content, please like, share, and subscribe! We'll...
Does Security Have to be Painful to be Good?
Cybersecurity has evolved over the years. The increased accessibility of features and functionality requires less understanding of the cybersecurity practice and discipline to be successful. Is the "art of cybersecurity" lost, or does a shift in consumption bring more...
We’ve Got Mail – The Science of Security Spend
You ask, we answer. Thank you to investor Ryan for your insightful question into market share, security vendors, and what it means for the security marketplace. If you have any questions or suggestions, send us an email at [email protected] If you like our...
Zero-Sum Breach of the Week
This week's Pwned episode comes with a zero-sum Breach of the Week! Jack and Justin talk one publicly disclosed breach, and one publicly disclosed breach that could have been, but wasn't. If you have any questions or suggestions, send us an email at...
Right Swipe – Google Takes Siemplify Home
Google recently acquired Siemplify to integrate it into Google Cloud Chronicle. Jack and Justin give the run down of the pair and decide if the match has chemistry and will thrive in their relationship, or if Google should have just gone home alone. If you have any...
Punxsutawney Programmer
We're back - like Groundhog Day! Wait, it is Groundhog Day! The debate of supporting open source software and software supply chain security keeps repeating. Learn what one programmer does to get peoples attention and put an explanation point on the power that open...
Zero Trust, No Trust
Zero Trust is a highly attractive term that conjures beneficial impacts, but is inconsistently defined (hint: it means "Don't Trust Anything"). Its history of overuse means Justin and Jack have to spend some time making it clear. Beware the Pit of Despair! If you have...
Sharing Threat Intelligence is Caring — Unless it’s with the Person Attacking You!
For as long as I've been in Cybersecurity, we have this "thing" about sharing threat intelligence. In State and Local Government, this is even more apparent, as the public sector leans towards being fairly collaborative. In this community, there are two main drivers...