Every week, host Jon Munshaw brings on a new guest from Talos or the broader Cisco Secure world to break down a complicated security topic in just five or 10 minutes. We cover everything from breaking news to attacker trends and emerging threats.
Threats, Beers, and No Silver Bullets. Listen to Talos security experts as they bring their hot takes on current security topics and Talos research to the table. Along the way, Mitch, Matt and a rotating chair of special guests will talk about anything (and we mean anything) that's on their minds, from the latest YouTube trends to Olympic curling etiquette. New episodes every other Thursday.
How to defend against brute force attacks
7:30
After a recent spike in brute force attempts targeting SSH and VPN services, we felt it was a good time to give listeners a lesson on brute force attacks. Nick Biasini joins host Jon Munshaw this week to discuss the basics of these methods, how administrators can protect their accounts, and other potential defense mechanisms (or whether to just tak…
Power grid security expert Joe Marshall joins the crew today to talk all things, well, power grid security. But not before he gets an impromptu pop quiz from Matt in the roundtable. Joe then tells some stories from his days working in electric utility, deploying new systems and his experiences with pentesting teams ("Wow, y'all need to stop!"). Plu…
What are the dangers of enabling sideloading and third-party apps?
10:24
Apple now must allow users to be able to sideload apps onto their phones or access third-party app stores, thanks to a law from the European Union that went into effect earlier this year. Terryn Valikodath from Cisco Talos Incident Response joins Jon this week to discuss the potential dangers that come with allowing users to sideload apps onto thei…
Why we need to stop calling as-a-service group takedowns "takedowns"
12:20
Hazel Burton and Thorsten Rosendahl join Jon Munshaw on this week's episode to discuss the problem with threat actor "hydras." They recently wrote about the topic for the Talos blog, highlighting how law enforcement takedowns of these groups are closer to just disruptions or setbacks for these massive actors. They talk about what really needs to be…
Turla has been around for 20-plus years at this point, but they're still mixing things up
9:04
Holger Unterbrink of Talos Outreach joins the show this week to discuss his recent Turla APT research. This Russian state-sponsored actor has been around for years but is regularly adding new tooling to its arsenal. Holger has new details about their latest tool, TinyTurlaNG, and insight into the types of organizations they're targeting.…
Why more actors are starting to use Telegram for their communications
10:25
Jon started noticing that Talos is finding more threat actors using Telegram nowadays for their communication and coordination, so he decided to bring Azim Khodjibaev on to ask him if he was just inventing this, or if it was a real trend. Turns out it's a real trend! Azim fills listeners in on why Telegram is becoming the app of choice for APTs to …
Matt, Mitch and Lurene discuss if the internet is better or worse today than it was 20 years ago. This leads them to discuss their various career paths, with Lurene talking about how she got into vulnerability exploitation and how Matt got into threat intelligence. And why neither of those paths would be recommended today. Lurene and Matt then clas…
Why no one should be relying on passive security in 2024
8:17
Nick Biasini joins Jon this week to talk about passive security. He recently wrote about this topic for the Talos blog and joined Wendy Nather in discussing the merits of passive security versus active blocking. Nick defines what passive security is, exactly, and why it's not the way to go in the modern age.…
What's new about GhostSec's ransomware-as-a-service model
12:06
Chetan Raghuprasad from the Talos Outreach team joins Talos Takes this week to talk to Jon about the GhostSec threat actor that he and a few colleagues wrote about for the Talos blog. GhostSec has teamed up with another ransomware group to carry out double extortion attacks all over the globe, with increasing frequency over the past year. They disc…
Why are "identity attacks" on the rise?
11:29
Now more than ever, adversaries are logging in, not breaking in. They're stealing legitimate user credentials to hide undetected on a targeted network after acquiring said credentials in a variety of ways. Hazel Burton joins Jon Munshaw this week to discuss identity attacks, recommendations for avoiding them, and how QR code phishing plays into the…
Gergana Karadzhova-Dangela and Thorsten Rosendahl, our resident experts on all things European Union cybersecurity law, join the show this week to talk about the impending NIS2 regulations. Don't worry, you've still got plenty of time to work on them, but this is a good place to get started even if you've never seen the phrase "NIS2" before. Find m…
You will no doubt have seen the advisories published over the last few weeks concerning Volt Typhoon's malicious activities. In this episode, JJ Cummings joins the crew to discuss the background to this threat actor, their impact on the threat landscape, and the covertly strategic (and specific) nature of their operations. The team also discusses t…
Case study: How Talos IR helped a healthcare tech company avoid a ransomware attack
49:20
Reposted from the Cisco Security Stories feed: Meet Jeremy Maxwell, CISO of Veradigm, a healthcare IT company. Jeremy discusses how his organization proactively prepares for cybersecurity incidents within a highly regulated industry. Author: Cisco Talos
Matt, Mitch and Lurene sit down to discuss “random stuff from Reddit” (don’t be put off – they’re all genuinely interesting security questions!). Topics range from password managers and how password security guidance has become outdated, how to ‘self-learn’ in cybersecurity, and thoughtful approaches towards security incidents. Before that, the tea…
How are attackers using malicious drivers in Windows to stay undetected?
11:36
Chris Neal from Talos Outreach joins the show today to talk about his research into the ways adversaries are using malicious drivers on Windows to spread malware. He recently launched a new series on the Talos blog about the basics of drivers and how security researchers can reverse engineer them to learn more about attacker TTPs and develop new de…
(XL Edition): Talos IR recaps the top threats of Q4 2023
17:18
This week, we're bringing you the audio version of our recent Talos IR On Air video. Several Talos incident responders got together to recap the top threats and attacker trends of Q4 2023, as outlined in our full Quarterly Trends Report. Hear about why ransomware was up for the first time the entire year, and which sectors were being targeted most …
What's new with CVSS 4.0, and does it really change anything?
9:29
We're talking about vulnerabilities this week with Jerry Gamblin from Cisco Vulnerability Management. Jerry joins the show to talk about the release of CVSS 4.0 this year — the newest method the security community will use to score the severity of certain vulnerabilities. Jerry discusses what makes this scoring system different from previous iterat…
XL Edition: Talos' 2023 Year in Review
34:51
In this special edition of the show, we're bringing you the audio version of our Year in Review livestream. Recorded at the end of December, this stream included Hazel Burton, Nick Biasini and Laurie Varner from Cisco Talos Incident Response recapping the year that was in cybersecurity. They covered the highlights of our 2023 Year in Review report,…
Year in Review: Why are attackers targeting the telecommunications sector so often?
7:30
We're back from holiday break with the first new Talos Takes episode of 2024! We're continuing our dive into Talos' Year in Review report with Lexi DiScola, one of the many researchers who helped put this report together. She discusses why we believe the telecommunications sector was the most-targeted industry in 2023, advice for companies in that…
Talos Speed Dating (the episode we never set out to make but did anyway)
1:08:28
Mitch, Matt and Lurene were almost about to be in the same physical space at the same time to record an episode, and then Lurene couldn't make it...so we made this instead! Mitch is joined by Azim Khodjibaev from the Talos Threat Intelligence and Interdiction team to rapid-fire interview a bunch of Talos employees who happened to be around the Mary…
Year in Review: Why was 2023 the year of data theft extortion?
9:19
Jon apologizes for how he sounds in this episode, he was having mic troubles we discovered only during post-production. But outside of that, we continue the series of episodes recapping 2023 with our Year in Review report. This week, Aliza Johnson from the Talos Threat Intelligence & Interdiction team comes on the show to talk about data theft exto…
2023 Year in Review: Everything you need to know about Chinese state-sponsored actors
8:00
To celebrate the launch of our 2023 Year in Review report, we're doing a series of episodes highlighting several of our key takeaways from the past year. First up, we have David Liebenberg from our Threat Intelligence team to discuss Chinese state-sponsored actors. This is an area David's been studying for many years now and actively researches. He…
The TurkeyLurkey Man wants YOU to read the Talos 2023 Year in Review report
1:03:20
We recorded this episode AFTER Thanksgiving, so you'll need to forgive us for the amount of Thanksgiving talk that doesn't actually apply until Thanksgiving 2024. It all evens out in the end because the annual "Ranksgiving" from special guest David Liebenberg results in the creation of TurkeyLurkey Man. Then, TurkeyLurkey Man helps the rest of the …
Inside Talos' effort to protect the Ukrainian power grid
11:00
Joe Marshall, a central figure in the story of how Cisco Talos and other teams within Cisco worked together to protect the Ukrainian power grid, joins the show this week. He recaps a recent CNN story highlighting the new piece of equipment he and a group of volunteers worked on together to ensure the clocks that power the Ukrainian electric grid ca…
Why has the Phobos ransomware been working for so long?
13:07
Guilherme Venere from Talos Outreach joins the show this week to talk about his research into the 8Base threat actor and its use of a variant of the Phobos ransomware. He recently published several works on the many variants of Phobos that exist in the wild, and why 8Base has been so successful using it for years now.…
A warning about scams in "Roblox" (or any other online game, really)
10:09
Tiago Pereira from Talos Outreach joins the program this week to talk about his research into the different types of scams that appear in the online game "Roblox." Many underage users are at risk of being targeted by malicious users looking to steal their money, in-game items or even install malware on their devices.…
XL Edition: The top incident response trends of Q3
30:45
This week is a special edition of Talos Takes. We have the audio version of Talos Incident Response's recent On Air stream, where they discussed the top attacker trends they're seeing in the field. Talos' incident responders discuss the malware they're seeing most often in infections, how attackers are shifting their tactics, and what other defende…
It's that time of the quarter again when we sit down to look at what we learned over the past three months. Caitlin Huey from the Talos Threat Interdiction Team joins the show for this special look at the latest Talos Incident Response Quarterly Trends report. Caitlin's team helps compile these reports and digs through mountains of data to find out…
Jerry Gamblin from Cisco Kenna joins this week's episode to talk about all things patching. If you're the average user, you probably don't think about patching much because many of them happen automatically in the background. However many admins and users can unknowingly fall behind when it comes to protecting themselves against the latest vulnerab…
What happens when you actually click the "report spam" button?
8:29
Everyone is tired of getting spam emails at this point, and it can feel exhausting always to click that "report spam" button just to get another phony email a few hours later. But we're here to assure you that reporting and filtering spam really does help in the long run! Nick Biasini joins the show this week to discuss all things spam for Cybersec…
How to find the right password management solution for you
7:33
To continue our Cybersecurity Awareness Month series, Harpreet Singh from Talos Incident Response joins Jon to talk about password managers. They discuss the upside of using a third-party service like 1Password or LastPass, the potential dangers of using built-in browser password managers like Google Chrome and Safari, and other good password hygie…
Cybersecurity Awareness Month: The best practices for implementing multi-factor authentication
16:16
All of October, we'll be covering broad security-related topics for Cybersecurity Awareness Month. First up, we address the basics of implementing MFA in any environment, why any type of MFA is better than no MFA, the pitfalls of certain types of authentication, and whether going passwordless is the future.…
Inside a Talos Incident Response emergency event
15:39
Hazel Burton takes over as guest host for this episode as she talks to Nate Pors from Cisco Talos Incident Response. Nate was part of Talos IR's team that helped Veradigm, a healthcare technology company, prevent a Qakbot ransomware attack. Nate and his team recently wrote about this experience for the Talos blog, and Veradigm's CISO even joined th…
This episode of Beers with Talos has a very special guest: Our old friend Nigel Houghton. He's one of the OG BWTers and is back with two-plus years' worth of hot takes to get off his chest. Nigel starts out by delivering his long-awaited update on his beloved Mighty Red. But he, Mitch, Matt and Lurene do eventually get to cybersecurity talk, includ…
How Talos helped defend Black Hat's network in Vegas
15:40
What happens when the hackers become the hacked? Black Hat is one of the largest cybersecurity conferences in the world, and Talos had a hand in defending the on-site network for the past few years. Yuri Kramarz from Talos Incident Response worked in Black Hat's Network Operations Center this year to help defend Black Hat's network and attendees wh…
Cisco Talos has recently written about malware families that go open-source, sometimes of their own volition, and sometimes because of leaks. In the case of SapphireStealer, we still don't really know why someone posted this malware to GitHub, but now that it's out there, we can't put it back in a box. Edmund Brumaghin, who assisted with Talos' res…
You're never going to believe this, but Lazarus Group is back again
9:53
North Korea's infamous APT group is back on the scene, this time with two new remote access trojans. By now, you've probably heard of Lazarus Group and all the annoying things they do to steal sensitive information, make money for North Korea's missile program, etc. But we have an update on their current tactics and payloads they're sending around …
Carrying out incident response in-person vs. virtually
15:31
Everything about the modern workplace is different now from the start of the COVID-19 pandemic. Many companies are embracing the remote work lifestyle, while others are stuck in a hybrid model or pushing employees to come back to the office. With that in mind, we felt like it was a good time to check in on the incident response process for companie…
"I'm going to breach you off." "Not if I breach you off first!"
56:47
We know we're like two weeks late to the Barbie party, but the whole Beers with Talos crew has seen it now so we had to talk about it. Expect a lot of "Barbie" talk up at the top. After that, though, we dive into how to set up deception systems and establish your environment to make it harder for an intruder to get in. The goal here is to make it s…
Hacktivism is quietly growing, especially when it comes to Russia's invasion of Ukraine
10:58
The stereotypical "hacker" who looks to do good in the world probably involves a Guy Fawkes mask and black hoodie. But hacktivism has become much more than that, especially since Russia invaded Ukraine. On the heels of a newly released overview on hacktivism, Lexi DiScola from the Talos Threat Intelligence and Interdiction team joins Talos Takes th…
What's the difference between data theft extortion and ransomware?
10:58
Cisco Talos Incident Response observed data theft extortion more than any other type of cyber attack last quarter. So why has it become so popular? And what makes it different from ransomware? Jacob Finn from the Talos Threat Intelligence and Interdiction Team joins Jon this week to discuss the basics of data theft extortion. He just worked on an o…