Talos Takes

Talos’ spin on security news

Join Talos researchers and analysts as they address the top news and trends in cyber security. The rotating cast of hosts and guests will cover everything from breaking news, to attacker trends and emerging threats.

  • Talos Takes : Episode 42
    2021-02-26

    Talos Takes Ep. #42: Seriously folks, save your logs

    When Pierre Cadieux steps into a Cisco Talos Incident Response engagement, the first thing he wants to do is check out the customer’s logs. But if there are no logs to be found, he’ll be pretty limited in the kinds of insights he can provide.

    This has come up several times during the SolarWinds era, when customers want to know whether they were targeted in the widespread supply chain attack. So in this episode of Talos Takes, Pierre joins the show to discuss why it’s so important to keep logs for everything — log-ins, events, applications and more.

    Hosted By:
    Jon Munshaw
    Featuring:
    Pierre Cadieux (@pchobbit)
    Run Time: 7:30

    Keywords
    • SolarWinds
    • Incident Response
    • security logs
    • Cisco Talos Incident Response
    • security

  • Talos Takes : Episode 41
    2021-02-11

    Talos Takes Ep. #41: Why you should upgrade to Snort 3

    For this week’s episode of Talos Takes, we’re switching back to Snort talk. For anyone who hasn’t been on security Twitter over the past month, you may not know that we released the Snort 3 GA last month — formally known as Snort 3.1.0. To celebrate, Nick Mavis joins the show again to discuss Snort 3’s new features and upgrades over 2.9.X. Nick, who regularly writes Snort rules for Cisco Talos and has been working hands-on with both versions of Snort for years, talks about how the rules improve with Snort 3, why detection and protection are better and everything else he loves about Snort 3. For more, check out the Snort 3 page on Snort.org.

    Hosted By:
    Jon Munshaw
    Featuring:
    Nicholas Mavis
    Run Time: 6:02

    Keywords
    • Snort
    • Snort 3

  • Talos Takes : Episode 40
    2021-02-05

    Talos Takes Ep. #40: Lessons learned from our conversations with a ransomware operator

    For the first time in Talos Takes history, we have a whopping TWO guests on to talk about Talos’ latest research paper. In this episode, Dmytro Korzhevin and Azim Khodjibaev discuss their work interviewing a LockBit ransomware operator. They spent multiple weeks speaking to this actor over social media, and eventually turned their conversations into a paper that lays out what we learned about the ransomware landscape. Dmytro and Azim talked about lessons learned, what surprised them about the threat actor, and how actors choose their targets.

    Hosted By:
    Jon Munshaw
    Featuring:
    Azim Khodjibaev (@AShukuhi) and Dmytro Korzhevin (@dkorzhevin)
    Run Time: 8:12

    Keywords
    • LockBit
    • ransomware
    • malware

  • Talos Takes : Episode 39
    2021-01-29

    Talos Takes Ep. #39: An update on SolarWinds as it relates to IoT and OT

    We know we just talked about supply chain attacks and SolarWinds last week, but it’s still all anyone in security is talking about. Joe Marshall joins the show this time to approach the SolarWinds breach from an internet-of-things and operational security perspective. He recently co-wrote a blog for Cisco detailing how outsourcing OT over the past few years has made the SolarWinds compromise worse. Joe, a lifelong researcher and security practitioner in the OT and infrastructure space, discusses what we still don’t know about this attack, what you should do if you think you may be affected, and how we can learn from this going forward. For more on Talos’ coverage and defense against the SolarWinds campaign, check out our blog post here.

    Hosted By:
    Jon Munshaw
    Featuring:
    Joe Marshall (@ImmortanJo3)
    Run Time: 12:30

    Keywords
    • SolarWinds
    • IoT
    • operational technology
    • infrastructure

  • Talos Takes : Episode 37
    2021-01-22

    Talos Takes Ep. #37: What's with all this talk about supply chain attacks?

    The major SolarWinds campaign has been generating headlines for weeks now. And while its specific targets make this attack unique, this is far from the first-ever supply chain attack. So what is a supply chain attack? And should your organization be prepared for them? In this episode of Talos Takes, Nick Biasini talks about the history of supply chain attacks, and how they can even be traced back to the 1970s.

    Hosted By:
    Jon Munshaw
    Featuring:
    Nick Biasini (@InfoSec_Nick)
    Run Time: 8:00

    Keywords
    • SolarWinds
    • malware
    • supply chain
    • APTs
    • FireEye

  • Talos Takes : Episode 36
    2020-12-18

    Talos Takes Ep. #36: Ransomware's big 2020

    Everything was on fire this year, and the internet was no different. Ransomware was the leading cause of headaches and late nights for defenders and IT experts this year. On the latest Talos Takes episode (and last of 2020), Azim Khodjibaev joins us to talk about ransomware’s big year. We talk about why adversaries wanted to go big-game hunting, and what this could mean for trends in 2021.

    Hosted By:
    Jon Munshaw
    Featuring:
    Azim Khodjibaev (@AShukuhi)
    Run Time: 7:10

    Keywords
    • ransomware
    • year in review
    • malware
    • spam

  • Talos Takes : Episode 35
    2020-11-24

    Talos Takes Ep. #35: If a deal seems too good to be true, it probably is

    More shoppers are expected to buy online this year than ever. Everyone’s encouraged to stay home and avoid lines and crowds due to the COVID-19 pandemic, which has left retailers offering deals earlier in November than ever before. So how can you stay safe while doing all your holiday shopping online? In this episode of Talos Takes, we’ll talk through some of the common schemes we’re seeing and talk about what makes this year unique when it comes to spam campaigns.

    Hosted By:
    Jon Munshaw
    Featuring:
    Nick Biasini (@InfoSec_Nick)
    Run Time: 5:38

    Keywords
    • security skills
    • spam
    • online shopping
    • scams

  • Talos Takes : Episode 34
    2020-11-13

    Talos Takes Ep. #34: Free and low-cost security tools

    Say you’ve got the basics of security down, and now you want to start putting it into practice. Where do you start? In this Talos Takes episode, we run through some free and low-cost security tools anyone can use to beef up their network. We talk about Snort, built-in security tools on operating systems and more.

    Hosted By:
    Jon Munshaw
    Featuring:
    Nick Biasini (@InfoSec_Nick)
    Run Time: 7:05

    Keywords
    • Snort
    • tools
    • security
    • IPS
    • firewall

  • Talos Takes : Episode 33
    2020-10-09

    Talos Takes Ep. #33: How to talk to your parents about cyber security

    It’s National Cyber Security Awareness Month! And you know what that means? It’s time to make everyone more aware! Since we all have that special someone in our lives who could use a refresher on internet hygiene, we figured it was time to talk about bringing up the topic of security to your friends and family who may not be as computer literate as you are. Jon Munshaw and Nick Biasini talk about basic tips to give even your oldest family members and user-friendly programs and services that can improve everyone’s security.

    Hosted By:
    Jon Munshaw
    Featuring:
    Nick Biasini (@InfoSec_Nick)
    Run Time: 8:06

    Keywords
    • cyber security
    • security
    • internet
    • browsers

  • Talos Takes : Episode 32
    2020-10-02

    Talos Takes Ep. #32: How to keep your children safe while they attend school online

    Jon doesn’t have any children. So he found someone who does — Beers with Talos’ own Craig Williams — to talk about remote learning. Children are back to school, and many of them are doing so online. Craig and Jon talk about DNS filters, parental controls, meeting passwords and more that are sure to help parents and teachers adjust to this new normal.

    Hosted By:
    Jon Munshaw
    Featuring:
    Craig Williams (@security_craig)
    Run Time: 8:08

    Keywords
    • school
    • online learning

  • Talos Takes : Episode 31
    2020-09-25

    Talos Takes Ep. #31: Diving even deeper into Cobalt Strike

    Snort researcher and rule-writer Nick Mavis takes time out of his busy schedule to join us again this week. Nick recently published a research paper on the bevy of detection he wrote for Cobalt Strike, a tool attackers are increasingly using. Nick talks about his process of working on the paper, why Cobalt Strike has become so popular and what he learned during the research process.

    Hosted By:
    Jon Munshaw
    Featuring:
    Nicholas Mavis
    Run Time: 5:00

    Keywords
    • Cobalt Strike
    • Snort
    • malware
    • detection

  • Talos Takes : Episode 30
    2020-09-18

    Talos Takes Ep. #30: Spamming from Salfram

    On this week’s episode, Edmund Brumaghin joins the show again to talk about a recent blog post on Salfram. This threat actor is spreading lots and lots of spam and using it to deliver a variety of malware. Here’s why this threat specifically caught our eye and how it’s evolving over time.

    Hosted By:
    Jon Munshaw
    Featuring:
    Edmund Brumaghin
    Run Time: 4:54

    Keywords
    • Salfram
    • spam
    • phishing
    • malware

  • Talos Takes : Episode 29
    2020-09-11

    Talos Takes Ep. #29: Election security roundtable excerpt

    This week’s episode is actually an excerpt from our recently released roundtable on disinformation and American election security. This is a small part of our larger discussion on fake news, state-sponsored actors using fake social media accounts, and what can be done to combat the spread of disinformation. To see the whole thing, click here.

    Hosted By:
    Jon Munshaw
    Featuring:
    Nick Biasini (@InfoSec_Nick) and Matt Valites
    Run Time: 6:56

    Keywords
    • disinformation
    • fake news
    • election security

  • Talos Takes : Episode 28
    2020-08-27

    Talos Takes Ep. #28: Sharing information on information-sharing

    Talos intakes a ridiculous amount of information every day. So how do we parse what is and isn’t important enough to share? In this episode of Talos Takes, Amy Henderson from our Threat Intelligence and Interdiction team talks about our information-sharing partnerships with both private and public entities. How do we disseminate important information to our friends in the field? And why are security organizations like the Cyber Threat Alliance so important?

    Hosted By:
    Jon Munshaw
    Featuring:
    Amy Henderson (@amyhendertweets)
    Run Time: 10:41

    Keywords
    • information sharing
    • intel
    • threat intel
    • Talos
    • CTA

  • Talos Takes : Episode 27
    2020-08-20

    Talos Takes Ep. #27: Why are we so obsessed with attribution?

    On this episode of Talos Takes, we talk all about attribution. Our guest, Martin Lee, recently co-authored a post on the hurdles government agencies and private researchers alike face when trying to place blame for a cyber attack. Martin talks about why we’re so obsessed with placing the blame, what false flags are and what helpful things can actually come from attributing a threat.

    Hosted By:
    Jon Munshaw
    Featuring:
    Martin Lee (@mlee_security)
    Run Time: 9:56

    Keywords
    • attribution
    • APTs
    • malware