Hacking

Hacking | News, how-tos, features, reviews, and videos

group of hackers in digital environment
cyber security lock padlock firewall code breach password

hunting and monitoring security threats

Burned malware returns, says Cylance report: Is Hacking Team responsible?

Burning malware forces attackers to evolve, not go away. Network defenders take note.

botnet bots

What is a botnet? And why they aren't going away anytime soon

Controlling thousands or even millions of devices gives cyber attackers the upper hand to deliver malware or conduct a DDoS attack.

7 safe browswer search legitimate url domains surfing the internet

Why abandoned domain names are so dangerous

Abandoned domain names are low-hanging fruit for attackers, who can use them to access sensitive email or customer data.

mobile apps crowdsourcing via social media network [CW cover - October 2015]

Why you should consider crowdsourcing IT security services

Whether you need a pentesting team, a bug bounty program, or a vulnerability disclosure plan, several crowdsourcing platforms can take the risk and pain from the process.

cockroach bug binary2

Do you need a vulnerability disclosure program? The feds say yes

The FTC and DOJ are pushing companies to provide a means for good-faith security researchers to report bugs and put effective processes in place to act on those reports.

An armored knight armor with halo and wings holds a shield, layered in Microsoft brand colors.

How Microsoft became tech’s good guy

Even if it’s doing so out of self-interest, the company has been acting as a force for good.

forensics threat hunter cyber security thumbprint

Who wants to go threat hunting?

Rob Lee talks about how he became one of the first threat hunters and how you can become one. It will take skills in IR, forensics, and security analytics.

cyber resilience shock absorber

What is cyber resilience? Building cybersecurity shock absorbers for the enterprise

Sure, you’ve prepared for attacks and breaches, but how well can core business processes function when a crisis hits?

Election 2016 teaser - Electronic voting security for digital election data

Online voting is impossible to secure. So why are some governments using it?

If you thought electronic voting machines were insecure, wait 'til you meet online voting. Dr. Vanessa Teague has twice demonstrated massive security flaws in online voting systems. Instead of fixes and support, she got official...

adrian sanabria
video

Is it time to kill the pen test? | Salted Hash Ep 22

Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping...

Election 2016 teaser - Electronic voting security

Voting machine vendor firewall config, passwords posted on public support forum

"This is gold" for a nation-state attacker that wanted to hack an election.

digital money - binary code

How to detect and prevent crypto mining malware

Hackers are placing crypto mining software on devices, networks, and websites at an alarming rate. These tools can help spot it before it does great harm.

framework metal

What is Mitre's ATT&CK framework? What red teams need to know

The ATT&CK framework allows security researchers and red teams to better understand hacker threats.

security threats and vulnerabilities

How a vulnerability disclosure policy lets hackers help you

Does your company have a vulnerability disclosure policy (VPD)? And if not, what might it mean for your security?

capture the flag hackathon face off

10 questions to answer before running a capture the flag (CTF) contest

Running your own CTF contest can build security skills and help identify new internal and external talent. Learn what types of challenges you need to include, how to make the contest run smoothly, and other logistics to consider.

salted hash thumbnail final
video

Scammers spoof Office 365, DocuSign and others | Salted Hash Ep 21

As phishing attacks evolve, hackers are using customization and targeted scams to ensnare users. Asaf Cidon, vice president, email security services at Barracuda, talks with host Steve Ragan about the ever-changing cat-and-mouse game...

ddos attack

Another massive DDoS internet blackout could be coming your way

A massive internet blackout similar to the Dyn DNS outage in 2016 could easily happen again, despite relatively low-cost countermeasures, according to a new study out of Harvard University.

artificial intelligence ai brain virtual

Is your vendor being honest about AI?

Some vendors who claim their products use artificial intelligence or machine learning technology are really using rules-based engines. Here's how to spot the lie.

Load More