HTML Malware - New Cyber24 Podcast


If you had to guess, what proportion of major data breaches would you say started with a phishing attack? 50%? 80%? Data shows that around 95% of attacks start with a phishing campaign. It’s not especially hard to see why this is: software can be patched and detection systems can be improved, but you can’t patch or reprogram people to be aware of cyber threats in the same way you can a computer. Hackers, then, are often targeting the human element of a system to gain access.

So, as the question has always been, how can we do our best to manage threats within imperfect organizations? Karl Sigler, of Trustwave SpiderLabs, says obviously—but somewhat refreshingly—that although methods and programs and hackers become more advanced, the advice is still essentially the same. Tune in to Cyber 24 Episode 177 to hear Sigler detail his core ideas of cybersecurity constants.
Speaking of evolving cyberattack methods, Sigler explores an effective tactic on the rise known as HTML smuggling. Many know that clicking on an attachment in an unexpected or suspicious email is a bad idea, and they have become familiar with phishermen trying to get them to click on a .exe file. Recently, bad actors have begun “smuggling” these payloads in phishing emails through HTML files. These files can be designed to duck under many email security measures and then run code once they’ve been clicked on. Sigler dives deeper into these types of attacks on this week’s podcast.


Episode 177: HTML Malware


Listen to the Podcast





The demand has never been greater for business owners and IT professionals to invest in intelligent security camera systems. At the intersection of physical security and cybersecurity, however, an increasing number of organizations struggle to take a proactive approach to surveillance. Verkada’s all-in-one physical security platform makes this decision easy with features like: plug-and-play installation, centralized management, secure remote access to cameras, and smart features and alerts.

Smarter security starts with Verkada. Learn more at




If you are looking for protection from uncontrolled access, SALTO can deliver the perfect solution, tailored to your exact requirements to provide you with all the security, convenience, and control you need. With SALTO, you install access control in a wire-free environment, so there is no need to hardwire the building. Because SALTO runs on a virtual network, you can enroll or replace a lost key within seconds, making reprogramming and re-keying a problem of the past.


See how SALTO can make your access control and building security simpler and safer at



About Cyber24

CYBER24 is a podcast and website designed to bridge the knowledge gap between cybersecurity experts, business leaders, and policymakers. We talk with experts who share their knowledge in an easily understandable format designed to arm public and private sector leaders with the information they need to protect their organizations. 


About VLCM Cybersecurity

VLCM’s Cybersecurity Team offers leading industry expertise to design, implement, and support the right cybersecurity solutions. VLCM’S Cybersecurity architects Get IT Right by implementing layered security strategies, and partnering with a wide range of industry-leading IT security vendors to develop the best cybersecurity defense for your unique organization. Team up with our experts to be more cyber secure, in control, and home in time for dinner.