Salted Hash

Regulating the IoT: A conversation with Bruce Schneier | Salted Hash Ep 49

Tue, 04 Dec 2018 18:38:06 -0000

Security expert and author Bruce Schneier talks with senior writer J.M. Porup about that widespread use of connected chips -- allowing hackers to access cars, refrigerators, toys and soon, even more home consumer items.

How secure are electronic voting machines? | Salted Hash Ep 48

Tue, 04 Dec 2018 18:35:02 -0000

With the midterm elections looming, electronic voting machines are getting increased scrutiny. J.M. Porup, senior writer at CSO, sits in the hosts chair this episode, breaking down the security risk with content producer Juliet Beauchamp.

Talking DerbyCon, spy chip whispers and Google's data breach | Ep 47

Mon, 15 Oct 2018 20:02:24 -0000

Steve Ragan and J.M. Porup catch up post-DerbyCon conference to discuss psychological issues in the infosec community, supply chain security and whether it's time to make China the boogeyman again, as well as Google's recent data breach.

Smart cities and security vulnerabilities | Salted Hash Ep 46

Thu, 30 Aug 2018 14:36:00 -0000

In this episode, host Steve Ragan talks with Charles Henderson, global managing partner at IBM's X-Force Red, about smart cities and the potential vulnerabilities in IoT, as well as Daniel Crowley, research director at X-Force Red.

VirusTotal Intelligence, a search engine for malware | Salted Hash Ep 45

Fri, 24 Aug 2018 18:11:00 -0000

In this episode, host Steve Ragan talks with Karl Hiramoto, technical solutions consultant for VirusTotal, maker of VirusTotal Intelligence, a searchable detection tool for malware.

Detecting bot attacks | Salted Hash Ep 44

Fri, 24 Aug 2018 18:09:00 -0000

In this episode, host Steve Ragan talks with Engin Akyol, CTO at Distil Networks at the Black Hat 2018 conference, about bot account takeovers and how they can be detected.

Blue Team Village, DEF CON 2018 | Salted Hash Ep 43

Fri, 24 Aug 2018 18:05:30 -0000

Host Steve Ragan talks to Munin, a staffer at the DEF CON Blue Team Village about what's happening and what you can expect.

Phishing AI | Salted Hash Ep 42

Fri, 24 Aug 2018 18:03:00 -0000

Host Steve Ragan is joined by Lookout’s Jeremy Richards, who manages the @PhishingAI account on Twitter, as well as a good friend and fellow reporter from Ars Technica.

An inside look at hybrid Office 365 phishing attacks | Salted Hash Ep 41

Fri, 24 Aug 2018 18:01:00 -0000

In this episode, Steve Ragan shows what a hybrid phishing attack looks like as it starts off on one service, and quickly moves to another.

An introduction to Kit Hunter, a phishing kit detector | Salted Hash Ep 40

Fri, 24 Aug 2018 17:59:00 -0000

Kit Hunter, a basic Python script written by host Steve Ragan, searches on common tag elements to find hidden phishing kits on a web server.

What is a phishing kit? Listen to this in-depth explainer | Salted Hash Ep 39

Fri, 24 Aug 2018 17:56:00 -0000

What is a phishing kit? In this podcast, Steve Ragan offers an answer and a look at some of the kits Salted Hash has collected.

Conversation hijacking attacks | Salted Hash Ep 38

Thu, 23 Aug 2018 19:48:00 -0000

Troy Gill, manager of security research at AppRiver, explains conversation hijacking attacks, or CHAs, with host Steve Ragan, including who is typically targeted and how to prevent them.

Phishing problems: 3.2M emails blocked in a month | Salted Hash Ep 37

Thu, 23 Aug 2018 19:46:00 -0000

Asaf Cidon, vice president of email security at Barracuda Networks, talks with host Steve Ragan about a recent uptick in phishing attacks, including a spike in business email compromise (BEC) attacks.

The risks associated with global Internationalized Domain Names | Salted Hash Ep 36

Thu, 23 Aug 2018 19:44:00 -0000

Paul Vixie, CEO of Farsight Security, explains how global Internationalized Domain Names, or global IDNs, sparked the emergence of confusingly similar website addresses with nefarious goals -- and how to combat them.

Don't ignore application security | Salted Hash Ep 35

Thu, 23 Aug 2018 19:43:00 -0000

In this episode, Michael Feiertag, CEO and co-founder of tCell, joins host Steve Ragan to talk about why application security is more critical than ever and why it's just now getting more attention from security teams.

The difference between red team engagements and vulnerability assessments | Salted Hash Ep 34

Thu, 23 Aug 2018 19:41:00 -0000

In this episode, host Steve Ragan talks with Phil Grimes, Professional Services Lead at RedLegg, about the challenges of educating customers — and building a partnership with them — to create successful red team engagements.

TSB phishing attacks | Salted Hash Ep 33

Mon, 09 Jul 2018 13:51:00 -0000

TSB phishing attacks | Salted Hash Ep 33 by Salted Hash

The difference between red team engagements and vulnerability assessments | Salted Hash Ep 34

Mon, 09 Jul 2018 13:47:00 -0000

What an Apple phishing attack looks like | Salted Hash Ep 32

Mon, 09 Jul 2018 13:43:00 -0000

How can you tell the difference between a legitimate email and a phishing attack? Host Steve Ragan shows what an Apple phishing attack looks like, screen by screen, showing the difference between the real and the fake.

Getting hands-on with industrial control system setups at RSA | Salted Hash Ep 31

Mon, 09 Jul 2018 13:41:00 -0000

Host Steve Ragan is joined on the RSA 2018 show floor by Bryson Bort, CEO and founder of SCYTHE, to talk about the ICS Village, where attendees can learn how to better defend industrial equipment through hands-on access to the equipment.

How the Spanish cybercriminal underground operates | Salted Hash Ep 30

Mon, 09 Jul 2018 13:39:00 -0000

Host Steve Ragan reports from the RSA 2018 conference, talking with Liv Rowley, an intelligence analyst at Flashpoint, about Spanish cybercrime, an underground community that poses persistent security risks.

Learn what the 'zero trust' security model really means | Salted Hash Ep 29

Fri, 08 Jun 2018 15:44:00 -0000

Host Steve Ragan reports from RSA 2018 conference, talking with Wendy Nather, director, advisory CISOs at Duo Security, about how organizations can build a zero trust model, including consistently authenticating users.

Words on a ceiling: Red Team stories with Salted Hash

Mon, 04 Jun 2018 18:55:00 -0000

Host Steve Ragan talks shop with Phil Grimes, a security consultant with an interesting collection of Red Team engagement stories.

Countdown to the GDPR deadline: Are you ready? | Salted Hash Ep 28

Wed, 23 May 2018 23:12:00 -0000

Host Steve Ragan reports from the RSA 2018 show floor, talking with Greg Reber, founder and CEO at AsTech Consulting, about the looming GDPR deadline and what IT security professionals should be getting done now.

Can AI help bridge the IT security skills gap? | Salted Hash Ep 27

Wed, 23 May 2018 23:09:00 -0000

Host Steve Ragan reports from the show floor at RSA 2018, taking with Oliver Tavakoli, CTO at Vectra Networks, and author of the Thinking Security blog on CSOonline.com, about the types of IT security work that can be off-loaded to artificial intelligence systems.

How deception technologies use camouflage to attract attackers | Salted Hash Ep 26

Wed, 23 May 2018 23:07:00 -0000

Host Steve Ragan reports from the show floor at RSA 2018, where talks with Chris Roberts, chief security architect at Acalvio Technologies, about the benefits and misconceptions of deception technologies.

Get a hands-on, inside look at the dark web | Salted Hash Ep 25

Wed, 23 May 2018 23:04:00 -0000

Reporting from RSA 2018, host Steve Ragan helps dispel the hype and confusion surrounding the dark web, as he talks with Alon Arvatz, co-founder at IntSights.

Defending against mobile technology threats | Salted Hash Ep 24

Wed, 23 May 2018 23:01:00 -0000

What are the current dangers in mobile technology and what are the strategies to keep yourself protected? Join host Steve Ragan from the show floor at RSA 2018, where he talks with Will LaSala, director of Security Solutions and security evangelist at VASCO Data Security.

Honeypots and the evolution of botnets | Salted Hash Ep 23

Wed, 23 May 2018 22:59:00 -0000

Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Israel Barak, CISO at Cybereason, about his firm's recent honeypot research, which gathered information showing how the bot landscape is evolving.

Is it time to kill the pen test? | Salted Hash Ep 22

Wed, 23 May 2018 22:57:00 -0000

Is it time to kill the pen test? | Salted Hash Ep 22 by Salted Hash

Scammers spoof Office 365, DocuSign and others | Salted Hash Ep 21

Mon, 05 Mar 2018 20:01:00 -0000

As phishing attacks evolve, hackers are using customization and targeted scams to ensnare users. Asaf Cidon, vice president, email security services at Barracuda, talks with host Steve Ragan about the ever-changing cat-and-mouse game of phishing.

GDPR deadline looms: The price and penalties | Salted Hash Ep 20

Mon, 26 Feb 2018 17:22:00 -0000

With the General Data Protection Regulation (GDPR) deadline fast approaching, host Steve Ragan explores the implications of noncompliance for companies -- and possible penalties -- with Greg Reber, founder/CEO of AsTech Consulting.

Ransomware: Do you pay the ransom? | Salted Hash Ep 19

Tue, 20 Feb 2018 15:14:00 -0000

Robert Gibbons, CTO at Datta, joins host Steve Ragan to talk about why companies pay out ransoms, the role of incident response plans and continuity strategies, and how companies weigh the risks.

Mobile security and privacy for activists worldwide | Salted Hash Ep 18

Mon, 12 Feb 2018 15:52:00 -0000

Nathan Freitas, who heads The Guardian Project, talks with host Steve Ragan and senior writer J.M. Porup about the group's easy-to-use secure apps, open-source software libraries, and customized mobile devices being used around the world.

Spectre and Meltdown | Salted Hash Ep 17

Tue, 06 Feb 2018 19:47:00 -0000

What is it about the Spectre and Meltdown attacks that scared everyone so much? Host Steve Ragan and J.M. Porup talk through the impact of these hardware flaws.

Ready for the EU's GDPR compliance deadline? Many companies aren't | Salted Hash Ep 16

Tue, 06 Feb 2018 19:44:00 -0000

CSO senior editor Michael Nadeau joins host Steve Ragan to talk about predictions for 2018, including the looming GDPR compliance deadline.

The people you call when you've had a breach | Salted Hash Ep 15

Tue, 06 Feb 2018 19:42:00 -0000

Rob Lee, faculty fellow at the SANS Technology Institute, talks with host Steve Ragan about his group's work to help companies out of sticky situations, plus the state of the security industry and predictions for 2018.

Are mass transit systems the next cybersecurity target? | Salted Hash Ep 14

Fri, 19 Jan 2018 16:09:00 -0000

Host Steve Ragan talks with Stan Engelbrecht, director of the cybersecurity practice at D3 Security, about the inherent flaws in security defenses for public transportation systems -- and what can be done.

DJI's bounty problems and video surveillance programs | Salted Hash Ep 13

Fri, 19 Jan 2018 16:07:00 -0000

Host Steve Ragan unpacks the latest news about Chinese company DJI's bug bounty program, plus new developments in video surveillance and more, with Fahmida Rashid.

How to build a security career | Salted Hash Ep 5

Thu, 14 Dec 2017 21:42:00 -0000

What does it mean to be a security professional? CSO's Fahmida Rashid and Steve Ragan break down what it takes to get ahead in the field.

Attribution, AI and hacking | Salted Hash Ep 4

Thu, 14 Dec 2017 21:40:00 -0000

Does attack attribution really matter? CSO's Fahmida Rashid and Steve Ragan argue that what, when and how a breach happened are the most immediate concerns. Who did it comes later.

Phishing, application security and cool tools | Salted Hash Ep 3

Thu, 14 Dec 2017 21:38:00 -0000

CSO's Fahmida Rashid and Steve Ragan dig into the latest phishing attempts (and how to sidestep them), plus the debate over application security, and some cool new tools.

The Equifax breach, incident response and the future of passwords | Salted Hash Ep 2

Thu, 14 Dec 2017 21:35:00 -0000

So much of security comes down to 4 little words: Keep it simple, stupid. CSO’s Steve Ragan and Fahmida Rashid explain why there’s no magical mystery cure for ransomware. Also, how much is data from the Equifax breach worth? (Hint: It's a whole lot less than you might think.)

Pilot | Salted Hash Ep 1

Thu, 14 Dec 2017 21:34:00 -0000

Reporters Fahmida Rashid and Steve Ragan talk about antivirus vendor Kaspersky Lab, a Russian-based company that various U.S. agencies have flagged as untrustworthy. Should you use it?

Zero trust systems, dentity authentication permeate enterprise security strategy | Salted Hash Ep 12

Thu, 14 Dec 2017 21:25:00 -0000

Executives at cloud services vendor Akamai -- David Lewis, global security advocate; Andy Ellis, CSO; and Charlie Gero, CTO -- talk with host Steve Ragan about the evolving role of security in the enterprise.

The Dyn cyberattack, one year later | Salted Hash Ep 11

Thu, 14 Dec 2017 21:22:00 -0000

It's been one year since the Dyn cyberattack, a distributed denial-of-service attack that affected traffic to a number of high-level domains. Host Steve Ragan talks with Josh Shaul, vice president of web security at Akamai Technologies, about the event's impact.

Office 365 phishing examples | Salted Hash Ep 10

Fri, 08 Dec 2017 17:57:00 -0000

Salted Hash looks at recent Office 365 phishing examples, discussing why they work and what can be done about them.

What keeps IT administrators up at night? Ransomware, for one | Salted Hash Ep 8

Fri, 08 Dec 2017 17:55:00 -0000

A solid backup policy and frequent awareness training can reduce the risk of ransomware, but unintentional breaches by insiders are still a worry for administrators. Watch as Steve Ragan and Michael Nadeau talk security strategy.

Matrix Banker malware spreads to multiple industries | Salted Hash Ep 7

Fri, 08 Dec 2017 17:52:00 -0000

The Matrix Banker malware, first found in Latin America, is now gaining a foothold in diversified targets. Steve Ragan breaks down the threat with Justin Fier, director for cyber intelligence and analysis at Darktrace.

Ransomware marketplaces and the future of malware | Salted Hash Ep 6

Fri, 08 Dec 2017 17:48:00 -0000

Would you give up a customer's data or credentials if that was the demand in a ransomware attack? That's just one of the nightmare scenarios that Steve Ragan and Rick McElroy talk about on this week's episode.