Listen to Talos security experts as they bring their hot takes on current security topics and Talos research to the table. Along the way Hazel, Mitch, Matt and a rotating chair of special guests will talk about anything (and we mean anything) that's on their minds, from the latest YouTube trends to Olympic curling etiquette. New episodes every other Thursday.
In this episode of Beers with Talos, Hazel, Bill, Dave and Joe are joined by Talos Security Research Engineer James Nutland to discuss Living Off Trusted Services (LOTS) - a growing technique where attackers use platforms such as GitHub, Google Drive, Microsoft services and Telegram for command and control, malware delivery and data exfiltration.
We explore why this trend is growing, how it differs from Living Off the Land (LOTL)....and Lord of the Rings (LOTR)....why trusted services create new detection challenges, and what defenders should be monitoring.
Also in this episode:
Here's the LOTS project repository mentioned in the episode https://lots-project.com/
Every week, our host brings on a new guest from Talos or the broader Cisco Security world to break down a complicated security topic in just five or 10 minutes. We cover everything from breaking news to attacker trends and emerging threats.
MFA and password resets aren't always enough.
That’s terrifying for security teams today. In this episode of Talos Takes, we dive deep into ARToken, a sophisticated phishing-as-a-service platform that steals credentials, bypasses MFA entirely, and leverages primary refresh tokens (PRTs) to maintain persistence in your environment long after a password reset. This turns a simple phishing click into a long-term breach.
It’s time to rethink your defenses. Join us as Cisco Talos Threat Researcher Michael Kelley breaks down how this new breed of automated attack works and, more importantly, how you can spot it. From hunting for suspicious device authorization grants to securing your cloud infrastructure, don't miss this critical look at the new frontier of business email compromise.