Cyber Crime

Cyber Crime | News, how-tos, features, reviews, and videos

hand holding paper cloud for google cloud logo
botnet bots

vulnerable cryptojacking hacking breach security

What is cryptojacking? How to prevent, detect, and recover from it

Criminals are using ransomware-like tactics and poisoned websites to get your employees’ computers to mine cryptocurrencies. Here’s what you can do to stop it.

template c100.00 03 57 09.still001
video

An inside look at hybrid Office 365 phishing attacks | Salted Hash Ep 41

In this episode, Steve Ragan shows what a hybrid phishing attack looks like as it starts off on one service, and quickly moves to another.

template c100.00 06 55 04.still001
video

What is a phishing kit? Watch this in-depth explainer | Salted Hash Ep 39

What is a phishing kit? In this video, Steve Ragan offers an answer and a look at some of the kits Salted Hash has collected.

template c100.00 03 35 22.still001
video

An introduction to Kit Hunter, a phishing kit detector | Salted Hash Ep 40

Kit Hunter, a basic Python script written by host Steve Ragan, searches on common tag elements to find hidden phishing kits on a web server.

salted hash thumbnail multi final
video

Phishing problems: 3.2M emails blocked in a month | Salted Hash Ep 37

Asaf Cidon, vice president of email security at Barracuda Networks, talks with host Steve Ragan about a recent uptick in phishing attacks, including a spike in business email compromise (BEC) attacks.

salted hash thumbnail multi final
video

The risks associated with global Internationalized Domain Names | Salted Hash Ep 36

Paul Vixie, CEO of Farsight Security, explains how global Internationalized Domain Names, or global IDNs, sparked the emergence of confusingly similar website addresses with nefarious goals -- and how to combat them.

salted hash thumbnail final
video

The difference between red team engagements and vulnerability assessments | Salted Hash Ep 34

In this episode, host Steve Ragan talks with Phil Grimes, Professional Services Lead at RedLegg, about the challenges of educating customers — and building a partnership with them — to create successful red team engagements.

woman phone scam

4 scams that illustrate the one-way authentication problem

These scams rely on tricking consumers into believing they are interacting with a trusted vendor. Here’s how vendors can prevent the scams.

skull and crossbones in binary code

What is a zero-day exploit? A powerful but fragile weapon

A zero-day is a security flaw that has not yet been patched by the vendor and can be exploited. These vulnerabilities fetch high prices on the black market

template c100.00 06 00 09.still001
video

What an Apple phishing attack looks like | Salted Hash Ep 32

How can you tell the difference between a legitimate email and a phishing attack? Host Steve Ragan shows what an Apple phishing attack looks like, screen by screen, showing the difference between the real and the fake.

forensics threat hunter cyber security thumbprint

Who wants to go threat hunting?

Rob Lee talks about how he became one of the first threat hunters and how you can become one. It will take skills in IR, forensics, and security analytics.

cyber resilience shock absorber

What is cyber resilience? Building cybersecurity shock absorbers for the enterprise

Sure, you’ve prepared for attacks and breaches, but how well can core business processes function when a crisis hits?

CSO: Have you met these hackers? [slide 01]

10 types of hackers and how they'll harm you

Understanding the different types of hackers, what motivates them, and the malware they use can help you identify the attacks you are most likely to face and how to properly defend yourself and your organization.

security risk - phishing / malware / social engineering

What is cross-site scripting (XSS)? Low-hanging fruit for both attackers and defenders

With XSS, attackers enter malicious code into a web form or web app URL to trick the application into doing something it's not supposed to do.

adrian sanabria
video

Is it time to kill the pen test? | Salted Hash Ep 22

Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping...

data breach thinkstock

Verizon report: Ransomware top malware threat of 2017, moving into critical systems

DDoS attacks are also on the rise, but spying reports are down. Fewer people are clicking on phishing links.

Election 2016 teaser - Electronic voting security

Voting machine vendor firewall config, passwords posted on public support forum

"This is gold" for a nation-state attacker that wanted to hack an election.

digital money - binary code

How to detect and prevent crypto mining malware

Hackers are placing crypto mining software on devices, networks, and websites at an alarming rate. These tools can help spot it before it does great harm.

Load More