Salted Hash

Security expert and author Bruce Schneier talks with senior writer J.M. Porup about that widespread use of connected chips -- allowing hackers to access cars, refrigerators, toys and soon, even more home consumer items.

With the midterm elections looming, electronic voting machines are getting increased scrutiny. J.M. Porup, senior writer at CSO, sits in the hosts chair this episode, breaking down the security risk with content producer Juliet Beauchamp.

Steve Ragan and J.M. Porup catch up post-DerbyCon conference to discuss psychological issues in the infosec community, supply chain security and whether it's time to make China the boogeyman again, as well as Google's recent data breach.

In this episode, host Steve Ragan talks with Charles Henderson, global managing partner at IBM's X-Force Red, about smart cities and the potential vulnerabilities in IoT, as well as Daniel Crowley, research director at X-Force Red.

In this episode, host Steve Ragan talks with Karl Hiramoto, technical solutions consultant for VirusTotal, maker of VirusTotal Intelligence, a searchable detection tool for malware.

In this episode, host Steve Ragan talks with Engin Akyol, CTO at Distil Networks at the Black Hat 2018 conference, about bot account takeovers and how they can be detected.

Host Steve Ragan talks to Munin, a staffer at the DEF CON Blue Team Village about what's happening and what you can expect.

Host Steve Ragan is joined by Lookout’s Jeremy Richards, who manages the @PhishingAI account on Twitter, as well as a good friend and fellow reporter from Ars Technica.

In this episode, Steve Ragan shows what a hybrid phishing attack looks like as it starts off on one service, and quickly moves to another.

Kit Hunter, a basic Python script written by host Steve Ragan, searches on common tag elements to find hidden phishing kits on a web server.

What is a phishing kit? In this podcast, Steve Ragan offers an answer and a look at some of the kits Salted Hash has collected.

Troy Gill, manager of security research at AppRiver, explains conversation hijacking attacks, or CHAs, with host Steve Ragan, including who is typically targeted and how to prevent them.

Asaf Cidon, vice president of email security at Barracuda Networks, talks with host Steve Ragan about a recent uptick in phishing attacks, including a spike in business email compromise (BEC) attacks.

Paul Vixie, CEO of Farsight Security, explains how global Internationalized Domain Names, or global IDNs, sparked the emergence of confusingly similar website addresses with nefarious goals -- and how to combat them.

In this episode, Michael Feiertag, CEO and co-founder of tCell, joins host Steve Ragan to talk about why application security is more critical than ever and why it's just now getting more attention from security teams.

In this episode, host Steve Ragan talks with Phil Grimes, Professional Services Lead at RedLegg, about the challenges of educating customers — and building a partnership with them — to create successful red team engagements.

TSB phishing attacks | Salted Hash Ep 33 by Salted Hash

In this episode, host Steve Ragan talks with Phil Grimes, Professional Services Lead at RedLegg, about the challenges of educating customers — and building a partnership with them — to create successful red team engagements.

How can you tell the difference between a legitimate email and a phishing attack? Host Steve Ragan shows what an Apple phishing attack looks like, screen by screen, showing the difference between the real and the fake.

Host Steve Ragan is joined on the RSA 2018 show floor by Bryson Bort, CEO and founder of SCYTHE, to talk about the ICS Village, where attendees can learn how to better defend industrial equipment through hands-on access to the equipment.

Host Steve Ragan reports from the RSA 2018 conference, talking with Liv Rowley, an intelligence analyst at Flashpoint, about Spanish cybercrime, an underground community that poses persistent security risks.

Host Steve Ragan reports from RSA 2018 conference, talking with Wendy Nather, director, advisory CISOs at Duo Security, about how organizations can build a zero trust model, including consistently authenticating users.

Host Steve Ragan talks shop with Phil Grimes, a security consultant with an interesting collection of Red Team engagement stories.

Host Steve Ragan reports from the RSA 2018 show floor, talking with Greg Reber, founder and CEO at AsTech Consulting, about the looming GDPR deadline and what IT security professionals should be getting done now.

Host Steve Ragan reports from the show floor at RSA 2018, taking with Oliver Tavakoli, CTO at Vectra Networks, and author of the Thinking Security blog on CSOonline.com, about the types of IT security work that can be off-loaded to artificial intelligence systems.

Host Steve Ragan reports from the show floor at RSA 2018, where talks with Chris Roberts, chief security architect at Acalvio Technologies, about the benefits and misconceptions of deception technologies.

Reporting from RSA 2018, host Steve Ragan helps dispel the hype and confusion surrounding the dark web, as he talks with Alon Arvatz, co-founder at IntSights.

What are the current dangers in mobile technology and what are the strategies to keep yourself protected? Join host Steve Ragan from the show floor at RSA 2018, where he talks with Will LaSala, director of Security Solutions and security evangelist at VASCO Data Security.

Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Israel Barak, CISO at Cybereason, about his firm's recent honeypot research, which gathered information showing how the bot landscape is evolving.

Is it time to kill the pen test? | Salted Hash Ep 22 by Salted Hash

As phishing attacks evolve, hackers are using customization and targeted scams to ensnare users. Asaf Cidon, vice president, email security services at Barracuda, talks with host Steve Ragan about the ever-changing cat-and-mouse game of phishing.

With the General Data Protection Regulation (GDPR) deadline fast approaching, host Steve Ragan explores the implications of noncompliance for companies -- and possible penalties -- with Greg Reber, founder/CEO of AsTech Consulting.

Robert Gibbons, CTO at Datta, joins host Steve Ragan to talk about why companies pay out ransoms, the role of incident response plans and continuity strategies, and how companies weigh the risks.

Nathan Freitas, who heads The Guardian Project, talks with host Steve Ragan and senior writer J.M. Porup about the group's easy-to-use secure apps, open-source software libraries, and customized mobile devices being used around the world.

What is it about the Spectre and Meltdown attacks that scared everyone so much? Host Steve Ragan and J.M. Porup talk through the impact of these hardware flaws.

CSO senior editor Michael Nadeau joins host Steve Ragan to talk about predictions for 2018, including the looming GDPR compliance deadline.

Rob Lee, faculty fellow at the SANS Technology Institute, talks with host Steve Ragan about his group's work to help companies out of sticky situations, plus the state of the security industry and predictions for 2018.

Host Steve Ragan talks with Stan Engelbrecht, director of the cybersecurity practice at D3 Security, about the inherent flaws in security defenses for public transportation systems -- and what can be done.

Host Steve Ragan unpacks the latest news about Chinese company DJI's bug bounty program, plus new developments in video surveillance and more, with Fahmida Rashid.

What does it mean to be a security professional? CSO's Fahmida Rashid and Steve Ragan break down what it takes to get ahead in the field.

Does attack attribution really matter? CSO's Fahmida Rashid and Steve Ragan argue that what, when and how a breach happened are the most immediate concerns. Who did it comes later.

CSO's Fahmida Rashid and Steve Ragan dig into the latest phishing attempts (and how to sidestep them), plus the debate over application security, and some cool new tools.

So much of security comes down to 4 little words: Keep it simple, stupid. CSO’s Steve Ragan and Fahmida Rashid explain why there’s no magical mystery cure for ransomware. Also, how much is data from the Equifax breach worth? (Hint: It's a whole lot less than you might think.)

Reporters Fahmida Rashid and Steve Ragan talk about antivirus vendor Kaspersky Lab, a Russian-based company that various U.S. agencies have flagged as untrustworthy. Should you use it?

Executives at cloud services vendor Akamai -- David Lewis, global security advocate; Andy Ellis, CSO; and Charlie Gero, CTO -- talk with host Steve Ragan about the evolving role of security in the enterprise.

It's been one year since the Dyn cyberattack, a distributed denial-of-service attack that affected traffic to a number of high-level domains. Host Steve Ragan talks with Josh Shaul, vice president of web security at Akamai Technologies, about the event's impact.

Salted Hash looks at recent Office 365 phishing examples, discussing why they work and what can be done about them.

A solid backup policy and frequent awareness training can reduce the risk of ransomware, but unintentional breaches by insiders are still a worry for administrators. Watch as Steve Ragan and Michael Nadeau talk security strategy.

The Matrix Banker malware, first found in Latin America, is now gaining a foothold in diversified targets. Steve Ragan breaks down the threat with Justin Fier, director for cyber intelligence and analysis at Darktrace.

Would you give up a customer's data or credentials if that was the demand in a ransomware attack? That's just one of the nightmare scenarios that Steve Ragan and Rick McElroy talk about on this week's episode.