Talos Takes

Talos’ spin on security news

Every week, host Jon Munshaw brings on a new guest from Talos or the broader Cisco Secure world to break down a complicated security topic in just five or 10 minutes. We cover everything from breaking news to attacker trends and emerging threats.

Subscribe
  • Talos Takes
    2022-09-02

    XL Edition: Talos' update on our work in Ukraine

    This week, we have the audio version of our recent livestream for Ukraine Independence Day. Talos assembled a panel of experts who have been working hands-on to defend critical Ukraine systems and its citizens from cyber threats. JJ Cummings, Ashlee Benge and Dmytro Krozhevin answer questions from Hazel Burton about the current security threats Ukraine faces, what Talos has done to hunt for threats in the region and how Cisco is supporting its employees in Ukraine.

    Download
    Run Time: 00:55:44

    Keywords

  • Talos Takes
    2022-08-26

    Talos Takes Ep. #110: The kinetic and cyber threats Ukrainian agriculture faces

    • An underrated aspect of Russia’s invasion of Ukraine is the effect it’s had on the global food supply chain. Ukraine is a major importer and exporter of grain and other food staples, but the industry now faces kinetic and cyber threats. Joe Marshall of Talos has spent months learning all about agricultural cybersecurity and the unique position farming equipment and infrastructure is in. Joe recently wrote about these threats for the Talos blog and joins Talos Takes to talk about how important Ukraine is to the global food supply chain and what law enforcement and global governments can do to prepare for potential state-sponsored attacks.
    Download
    Run Time: 00:08:18

    Keywords

  • Talos Takes
    2022-08-19

    Talos Takes Ep. #109: Why cybercrime is going small-time

    The public traditionally thinks about cyber attacks as being from some well-funded, state-sponsored actor. But increasingly small-time criminals are turning to the internet to make their money. Increasingly, they’re not carrying out one-off robberies, and instead are working on insurance fraud scams and spam emails. Nick Biasini joins Talos Takes this week to discuss his recent research into this topic and shares what the data shows about the growth of small-time cybercrime.

    Download
    Run Time: 00:08:25

    Keywords

  • Talos Takes
    2022-08-12

    Talos Takes Ep. #69: Our armadillo in shining armor

    Asheer Malhotra joins the show to once again cover a cyber attack in South Asia. This time, it’s an attacker that looks and smells like an APT, but may just be a run-of-the-mill crimeware gang. Asheer discusses he and his colleagues’ research into Operation: Armor Piercer, a campaign targeted at government agencies and military contractors. Needless to say, these are high-profile targets. Find out what this group wants and why they’re aping so much from other groups like Transparent Tribe and SideCopy.

    Download
    Run Time: 00:10:00

    Keywords
    • RATs
    • malware
    • APTs
    • spam
    • MFA

  • Talos Takes
    2022-08-12

    Talos Takes Ep. #70 (NCSAM edition): For once, a positive spin on hybrid work

    Everyone loves to talk and write about how tough it is that we are all working remotely during the COVID-19 pandemic. So for once — to celebrate National Cybersecurity Awareness Month — Talos Takes wants to talk about the positives! Christopher Marshall, the head of Talos’ detection research team, joins the show to discuss how he’s kept his team’s morale up during this time. Cybersecurity is a rough industry to be in, regardless of any external factors. So it’s important for him to avoid employee burnout and turnover. He and Jon also discuss the positives of working remotely, what they’re most looking forward to when they can go back into the office and their favorite pandemic-era hobbies.

    Download
    Run Time: 00:09:22

    Keywords
    • work from home
    • COVID
    • burnout
    • hiring
    • security

  • Talos Takes
    2022-08-12

    Talos Takes Ep. #67: Why are ransomware groups getting so emotional?

    Fresh off of translating an entire ransomware playbook from Russian to English, Azim and Dave from the Talos Threat Intelligence & Interdiction team join Talos Takes to talk about this project. They provide some first-hand insights into what this leaked playbook tells us about the Conti ransomware-as-a-service group. Threat actors — they have feelings just like us!

    Download
    Run Time: 00:08:20

    Keywords
    • Conti
    • ransomware
    • APTs

  • Talos Takes
    2022-08-12

    Talos Takes Ep. #68: It's a bird, it's a plane, it's some rats!

    Allow Vitor Ventura to take you on a journey of discovery, threat actors and attribution. He recently assisted with an investigation into a series of malware and spam campaigns using aviation-themed lures. These include fake flight itineraries, invoices and more. Vitor joins us on this week’s Talos Takes episode to discuss what he learned during this process, including how he connected the campaigns, what he learned (and couldn’t learn) about the actor behind them, and what he’ll take away into his next research. This is a great episode for anyone who is wondering about what kinds of pitfalls are out there for a security researcher.

    Download
    Run Time: 00:06:17

    Keywords
    • malware
    • spam
    • email

  • Talos Takes
    2022-08-12

    Talos Takes Ep. #66: Dude, where's my bandwidth?

    “Proxyware” sounds like a complicated topic that you’re too afraid to ask about. But really, it’s just software that allows users to sell off a portion of their internet bandwidth for a small profit. Problem is, attackers are swooping in on this popular software to spread malware and steal users’ money. Edmund Brumaghin joins the show this week to discuss his recent research into proxyware applications and how malware is hiding in plain sight. Edmund discusses why these types of apps are potentially unwanted applications, and what the threat is for enterprise users with remote workers, as well as personal PC users.

    Download
    Run Time: 00:07:09

    Keywords
    • proxyware
    • malware
    • spam
    • scams

  • Talos Takes
    2022-08-12

    Talos Takes Ep. #65: We're all excited to travel again, but so are attackers

    As more people around the world start to get vaccinated against COVID-19, travel is becoming easier, especially during these summer months. But as much as you may be excited to travel, so are threat actors. Asheer Malhotra was part of a team that looked into a series of campaigns targeting users in Latin America, specifically using social engineering tactics centered around travel. Some of the lure documents, in this case, include fake travel itineraries, coupons for flights and hotel reservation confirmations. Asheer joins the show this week to discuss the throughline between all these attacks and their potential connections to the Aggah crimeware group.

    Download
    Run Time: 00:07:50

    Keywords
    • Aggah
    • malspam
    • social engineering
    • COVID-19
    • spam
    • RATs

  • Talos Takes
    2022-08-12

    Talos Takes Ep. #64: We go back to school

    Students are starting to go back to school across the U.S. There are plenty of things to worry about with the “new normal” while the world still combats COVID-19, and while we can’t help students, teachers and admins with everything, we can at least provide a little security advice. Nick Biasini joins the show once again to discuss the best cybersecurity practices as schools spin back up. What should parents tell their kids about electronic devices they bring home? What will IT admins have learned over the past year and a half plus? And how should we deal with the new norm of hybrid learning?

    Download
    Run Time: 00:08:35

    Keywords
    • school
    • remote learning
    • cheating
    • education
    • COVID-19
    • hybrid