Steve Ragan

Senior Staff Writer

Prior to joining the journalism world in 2005, Steve Ragan spent 15 years as a freelance IT contractor focused on infrastructure management and security. He's a father of two and rounded geek with a strong technical background.

Salted Hash Ep 25: A quick tour of the Dark Web

Salted Hash Ep 25: A quick tour of the Dark Web

The Dark Web has an interesting persona, and much of it is fueled by hype. This week on Salted Hash we speak to Alon Arvatz, co-founder at IntSights, who gives us a basic overview of some of the things people do in this somewhat...

Researchers warn PGP and S/MIME users of serious vulnerabilities

Researchers warn PGP and S/MIME users of serious vulnerabilities

A professor at Münster University issued a warning on Sunday about serious vulnerabilities in PGP and S/MIME – two widely-used methods for encrypting email – which, if exploited, could reveal plain text communications. The issue also...

Salted Hash Ep 28: GDPR deadline fast approaches

Salted Hash Ep 28: GDPR deadline fast approaches

The deadline for the General Data Protection Regulation (GDPR) is almost here. During our trip to the RSA Conference last month, Salted Hash spoke to an expert on the subject, and learned some interesting things when it comes to...

North Korean anti-virus uses old Trend Micro components

North Korean anti-virus uses old Trend Micro components

Researchers at Checkpoint have published a report showing that North Korea's SiliVaccine, the country's anti-virus product, uses functional elements taken from a ten-year-old copy of Trend Micro's anti-virus.

Salted Hash Ep 24: Defending against mobile threats

Salted Hash Ep 24: Defending against mobile threats

Welcome back! After shooting several episodes during the RSA Conference in San Francisco, this week Salted Hash talks mobile threats with VASCO's Will LaSala. In addition to this week's episode, we've also got some additional footage...

Atlanta's recovery highlights the costly mistake of being unprepared

Atlanta's recovery highlights the costly mistake of being unprepared

The Samsam attack against the city of Atlanta in March was chaotic and crippling. The ransomware, named for the group responsible for development and deployment, left the city scrambling to deal with critical systems that were forced...

Two incident response phases most organizations get wrong

Two incident response phases most organizations get wrong

It's important to remember: Incident response isn't a thing, it's a process.

SamSam explained: Everything you need to know about this opportunistic group of threat actors

SamSam explained: Everything you need to know about this opportunistic group of threat actors

The group behind the SamSam family of ransomware is known for recent attacks on healthcare organizations, but that's not its only target.

Customers describe the impact of the Allscripts ransomware attack

Customers describe the impact of the Allscripts ransomware attack

A ransomware attack against a SaaS provider hurts customers, but when it's a healthcare company that’s hit, patients suffer. Such was the case with January's attack against Allscripts, one of the largest electronic health record and...

Ransomware, healthcare and incident response: Lessons from the Allscripts attack

Ransomware, healthcare and incident response: Lessons from the Allscripts attack

The actors behind SamSam launched a devastating attack against Allscripts in January, 2018. As Allscripts worked its incident response plan, things started to unravel. Here are the lessons learned.

Allscripts: Ransomware, recovery, and frustrated customers

Allscripts: Ransomware, recovery, and frustrated customers

The actors behind SamSam launched an attack against Allscripts in January 2018, leaving the company’s customers without access to the services needed to run their medical practices — some for more than a week.

Social engineering: It's time to patch the human

Social engineering: It's time to patch the human

Is there a patch for human stupidity? If you believe the common saying, there isn't. However, Jayson E. Street says there is, and it's time companies started patching their humans. The truth is, technology alone isn't going to save...

SamSam group deletes Atlanta's contact portal after the address goes public

SamSam group deletes Atlanta's contact portal after the address goes public

An image shared with local media during the early stages of a SamSam ransomware infection in Atlanta exposed the contact portal assigned to the city by the group responsible for the attack. When questioned about their actions via the...

SamSam ransomware attacks have earned nearly $850,000

SamSam ransomware attacks have earned nearly $850,000

First emerging in late 2015, the group believed to be responsible for the SamSam ransomware family has targeted small and large businesses, healthcare, governments, and education. To date, the group has made nearly $850,000 USD

Symantec: Diverse threats remain a consistent problem online

Symantec: Diverse threats remain a consistent problem online

A report published this evening by Symantec outlines the rocky year consumers and business owners had online in 2017, covering everything from coin mining attacks, problems in the supply chain, ransomware, BEC attacks, and more.

Salted Hash Ep 21: Scammers targeting Office 365 and DocuSign

Salted Hash Ep 21: Scammers targeting Office 365 and DocuSign

Welcome back! Salted Hash is gearing up to shoot our next season, as well as other segments in April during the RSA Conference, but this week we're going to chat with Asaf Cidon, vice president of email security services at Barracuda....

Nuance says NotPetya attack led to $92 million in lost revenue

Nuance says NotPetya attack led to $92 million in lost revenue

Nuance Communications, a software company that offers speech and imaging technology to a number of markets, including healthcare and finance, said the 2017 NotPetya malware attacks caused the company to lose $92 million in revenue,...

Salted Hash Ep 20: GDPR: Looming deadlines, massive penalties

Salted Hash Ep 20: GDPR: Looming deadlines, massive penalties

The May 25 deadline for the General Data Protection Regulation (GDPR) is quickly approaching. Organizations large and small are scrambling to align with these new requirements, but the task isn't an easy one. In fact, the idea of...

North Korea hacking group is expanding operations, researchers say

North Korea hacking group is expanding operations, researchers say

A group of hackers from North Korea (DPRK), recently connected to the usage of an Adobe Flash zero-day vulnerability (CVE-2018-4878), has expanded its operations in both scope and sophistication, FireEye says.

Salted Hash Ep 18: Mobile security and privacy

Salted Hash Ep 18: Mobile security and privacy

Everyone, from activists, journalists, CEOs, and politicians, walk around with a computer in their pocket, sometimes calling it a phone. This week on Salted Hash, we talk about mobile privacy and security with the founder of The...

Load More