Talos Takes

We published our findings on a ransomware family known as MedusaLocker last week. On its surface, it’s just like any other ransomware family — steals your stuff, encrypts it, and asks for some money to get it back. But there are some secret tricks hidden beneath the surface, and Edmund Brumaghin is here to talk about them.

Threat actors all over the place are trying to capitalize on COVID-19. We recently discovered a campaign we’re calling “PoetRAT” using lure documents themed around the pandemic attempting to trick victims into downloading malware. In this week’s Talos Takes episode, Nick Biasini chats with one of the researchers on the project, Warren Mercer, about this threat.

Threat researchers like to throw around the acronym “FUD” a lot. But is FUD, exactly? Why should you look out for it? And why do attackers win when they sow FUD? Joe Marshall and Jon Munshaw walk you through fear, uncertainty and doubt and discuss why panic and misinformation play right into attackers’ hands.

Earlier this week, we released an in-depth blog post on fingerprint scanners used as physical security gates on devices. To save you a bit of time, and to summarize it for those non-technical folks out there, Nick Biasini and Jon Munshaw dedicate this episode to breaking down Talos’ research. What was the endgame of our research? And can you rely only on your fingerprint to keep your device secure?

People across the world are working from home now, and employers are increasingly turning to VPN services and Windows Remote Desktop Protocol to make sure their workers have access to their files. In this Talos Takes episode, we run down some common security concerns with these services and discuss what employees should do to stay safe while accessing their files online.

Now that Cisco Incident Response has been a part of the Talos family for a few months now, we figured it was time to check back in with them. On this episode of Talos Takes, Brad Garnett from CTIR joins the show to talk about his organization’s new Cyber Range offering, part of the standard CTIR retainer. Brad discusses how a Cyber Range exercise can prepare your organization for the worst and how it helps dispel some myths around what happens during a cyber intrusion.

We’ve been covering several different generic types of malware over the past few weeks. Next up, we’ve got our overview of remote access trojans (or tools), also known as RATs. What goes into a RAT, and how is it different than other types of malware? What are some of their inherent capabiliites? We/ve got the rundown here.

Don’t attackers know we need a break right now? Alas, they’re doing everything they can to capitalize on the COVID-19 pandemic. This includes spreading fear, uncertainty and doubt with fake news, malicious advertisements and misleading information. In this Talos Takes episode, former journalist Jon Munshaw and researcher Nick Biasini discuss best practices for fact-checking, avoiding fake news and intaking the correct information during this trying time.

Yes, adversaries are always looking for new ways to make money. But what’s their No. 2 priority? Information. In this episode of Talos Takes, Nick Biasini and Earl Carter break down the basics of information-stealers and why they’re so important to keep out.

Talos Takes is finally back with its own feed and a new episode. Nick Biasini and Earl Carter discuss the best password practices. Should you use a password manager? What are some best practices? And what does all of this have to do with Disney Plus?