Talos Takes

As more people around the world start to get vaccinated against COVID-19, travel is becoming easier, especially during these summer months. But as much as you may be excited to travel, so are threat actors. Asheer Malhotra was part of a team that looked into a series of campaigns targeting users in Latin America, specifically using social engineering tactics centered around travel. Some of the lure documents, in this case, include fake travel itineraries, coupons for flights and hotel reservation confirmations. Asheer joins the show this week to discuss the throughline between all these attacks and their potential connections to the Aggah crimeware group.

Students are starting to go back to school across the U.S. There are plenty of things to worry about with the “new normal” while the world still combats COVID-19, and while we can’t help students, teachers and admins with everything, we can at least provide a little security advice. Nick Biasini joins the show once again to discuss the best cybersecurity practices as schools spin back up. What should parents tell their kids about electronic devices they bring home? What will IT admins have learned over the past year and a half plus? And how should we deal with the new norm of hybrid learning?

Andrew Windsor from our malware research team joins the show for the first time to talk about Solarmarker. This is a campaign Andrew’s followed for a while that recently added new modules that make it particularly dangerous. The attackers behind Solarmarker could basically use this threat to drop whatever they want. At least for now, they’re sticking to information-stealing. But could it ever get worse than that?