Talos Takes

Talos’ spin on security news

Every week, host Jon Munshaw brings on a new guest from Talos or the broader Cisco Secure world to break down a complicated security topic in just five or 10 minutes. We cover everything from breaking news to attacker trends and emerging threats.

  • Talos Takes

    Cybersecurity Awareness Month: The best practices for implementing multi-factor authentication

    All of October, we'll be covering broad security-related topics for Cybersecurity Awareness Month. First up, we address the basics of implementing MFA in any environment, why any type of MFA is better than no MFA, the pitfalls of certain types of authentication, and whether going passwordless is the future. 

    Run Time: 00:16:16

  • Talos Takes

    Inside a Talos Incident Response emergency event

    Hazel Burton takes over as guest host for this episode as she talks to Nate Pors from Cisco Talos Incident Response. Nate was part of Talos IR's team that helped Veradigm, a healthcare technology company, prevent a Qakbot ransomware attack. Nate and his team recently wrote about this experience for the Talos blog, and Veradigm's CISO even joined the Cisco Security Stories podcast recently to discuss his company's relationship with Talos IR. Nate discusses how his team's pre-existing relationship with Veradigm helped them respond quickly and effectively. If you've ever wanted to hear a play-by-play of a security event, this is your chance.

    Run Time: 00:15:39

  • Talos Takes

    How Talos helped defend Black Hat's network in Vegas

    What happens when the hackers become the hacked? Black Hat is one of the largest cybersecurity conferences in the world, and Talos had a hand in defending the on-site network for the past few years. Yuri Kramarz from Talos Incident Response worked in Black Hat's Network Operations Center this year to help defend Black Hat's network and attendees who connected to the network while attending the conference in August in Las Vegas. He joins Talos Takes this week to discuss what he's learned from the past few years working in the NOC, what types of threats Black Hat faces, and the lessons learned he now takes back into the field with customers. You can also read his reflections on working in the NOC in 2022 here.

    Run Time: 00:15:40

  • Talos Takes

    SapphireStealer hits the open internet

    Cisco Talos has recently written about malware families that go open-source, sometimes of their own volition, and sometimes because of leaks. In the case of SapphireStealer, we still don't really know why someone posted this malware to GitHub, but now that it's out there, we can't put it back in a box. Edmund Brumaghin, who assisted with Talos' research and blog post on SapphireStealer, joins Talos Takes this week to discuss this information-stealer. Edmund talks about the goals that someone has by making malware open-source, how that affects detection and what makes SapphireStealer unique among infostealers. 

    Run Time: 00:07:23

  • Talos Takes

    You're never going to believe this, but Lazarus Group is back again

    North Korea's infamous APT group is back on the scene, this time with two new remote access trojans. By now, you've probably heard of Lazarus Group and all the annoying things they do to steal sensitive information, make money for North Korea's missile program, etc. But we have an update on their current tactics and payloads they're sending around the globe. Asheer Malhotra from Talos Outreach joins Talos Takes this week to discuss the two new RATs he and his team discovered, why Lazarus Group is still creating new tools, and how their use of older, open-source software has made tracking them ever-so-slightly easier. 

    Run Time: 00:09:53

  • Talos Takes

    Carrying out incident response in-person vs. virtually

    Everything about the modern workplace is different now from the start of the COVID-19 pandemic. Many companies are embracing the remote work lifestyle, while others are stuck in a hybrid model or pushing employees to come back to the office. With that in mind, we felt like it was a good time to check in on the incident response process for companies who have to deal with working remotely and those who prefer to conduct business in person. Yuri Kramarz and Gergana Karadzhova-Dangela from Cisco Talos Incident Response join the show this week to discuss how they handle onsite incident response versus engagements that need to be done remotely. There are drawbacks and benefits of both models, so it's up to the individual customer and specific circumstances to determine how a responder can best approach the event in question.

    Run Time: 00:15:31

  • Talos Takes

    Hacktivism is quietly growing, especially when it comes to Russia's invasion of Ukraine

    The stereotypical "hacker" who looks to do good in the world probably involves a Guy Fawkes mask and black hoodie. But hacktivism has become much more than that, especially since Russia invaded Ukraine. On the heels of a newly released overview on hacktivism, Lexi DiScola from the Talos Threat Intelligence and Interdiction team joins Talos Takes this week to discuss these actors. While not just anyone is likely a target for hacktivists, Talos has seen groups become more brazen and start looking to make money off their operations. 

    Run Time: 00:10:58

  • Talos Takes

    What's the difference between data theft extortion and ransomware?

    Cisco Talos Incident Response observed data theft extortion more than any other type of cyber attack last quarter. So why has it become so popular? And what makes it different from ransomware? Jacob Finn from the Talos Threat Intelligence and Interdiction Team joins Jon this week to discuss the basics of data theft extortion. He just worked on an overview of this threat for Talos researchers and works closely with Talos IR on their quarterly trends reports. Jacob discusses why threat actors are choosing data theft extortion over ransomware and how this makes defense and detection more difficult. For more on this topic, read our one-page overview here.

    Run Time: 00:10:58

  • Talos Takes

    Reading 2023's cybersecurity tarot cards

    Hazel Burton and Jon Munshaw use this week to look back on the top threats and cybersecurity trends so far in 2023 and the rest of the year. Hazel recently compiled Talos' Half-Year in Review, recapping the top stories that Talos has been following so far this year. She and Jon talk about what stood out from the report, what our researchers have been thinking about up to this point, and what we'll be discussing come December. 

    Run Time: 00:11:02

  • Talos Takes

    (XL Edition): The top trends that Talos IR saw last quarter

    We're back with the audio version of our quarterly Cisco Talos Incident Response On Air stream. Join the Talos IR team as they recap the past quarter's top trends, including talking about malware they're seeing in the wild, tactics that attackers are using most often to break into networks, and much more. They discuss why healthcare continues to be a popular target for bad actors, and how adversaries are pivoting away from ransomware and instead opting for data theft and extortion. If you prefer a video version, watch it over on YouTube here.

    Run Time: 00:29:46