Talos intakes a ridiculous amount of information every day. So how do we parse what is and isn’t important enough to share? In this episode of Talos Takes, Amy Henderson from our Threat Intelligence and Interdiction team talks about our information-sharing partnerships with both private and public entities. How do we disseminate important information to our friends in the field? And why are security organizations like the Cyber Threat Alliance so important?
On this episode of Talos Takes, we talk all about attribution. Our guest, Martin Lee, recently co-authored a post on the hurdles government agencies and private researchers alike face when trying to place blame for a cyber attack. Martin talks about why we’re so obsessed with placing the blame, what false flags are and what helpful things can actually come from attributing a threat.
There are so many options now for basic web browsing. There are ad-blocking plugins, privacy browsers, incognito mode, password managers — but for the average user, this can be a lot to keep up with. In this episode of Talos Takes, we dissect all these options and talk about what your best options are to keep your information safe while doing some everyday web browsing.
This week’s Talos Takes episode is another malware deep dive. Edmund Brumaghin joins the show to talk about WastedLocker, a recent ransomware family he and some other Talos researchers reverse-engineered. Here’s everything you need to know about what makes this threat unique and how it uses LoLBins to survive.
LoLBins sound like they’d be funny, but they’re anything but. These “living-off-the-land binaries” make it so that attackers can more easily hide on your system as they disguise themselves as legitimate processes. On this episode of Talos Takes, Nick Biasini talks about what LoLBins are, exactly, how adversaries use them and how you can spot them on your environment.
Honeypots are an important part of threat research and detection. In this episode of Talos Takes, we talk to Christopher Evans, who is our resident honeypot expert at Talos. Chris talks about how he uses them every day, why they’re important to Talos’ overall mission and balancing the use of them with the potential for making attackers smarter.
The quick and dirty beginner’s guide to what Snort is and how to use. This the podcast accompaniment to the rest of our Snort 101 materials, which can be found on Snort.org/Resources.
The dark web sounds scary — and it is. But what exactly does this dark web consist of? Despite what the name may suggest, it’s actually not people selling organs or stolen video games that happened to fall off the back of a truck. But what is actually on these forums? Azim Khodjibaev joins Jon Munshaw this week to discuss his experience with the dark web.
We use the term “APT” in cyber security a lot. But what does it mean, exactly? Does a group have to break a certain threshold to become an APT? Does the term refer to a specific malware family or a group of actors? On this week’s Talos Takes, Jon Munshaw talks to Azim from Talos’ Threat Intelligence team about this very topic.
Everyone is meeting virtually now. Whether it be important business or the average happy hour with friends and family, there’s no shortage of invites to chat rooms, presentations and software you’ve never heard of before you started working from home. And, of course, this software comes with its own set of security concerns and vulnerabilities. So Matt Valites joins Jon Munshaw this week to talk about the basics of securing your next friendly meetup or presentation to the board.
The value of cryptocurrencies is nowhere near where it was just two years ago. So does that mean cryptominers have gone away as a threat? Jon Munshaw and Nick Biasini sit down in this episode of Talos Takes to discuss where cryptominers stand in 2020. Why aren’t we reading about them as much? And why is being hit with one a sign of worse things to come?
We published our findings on a ransomware family known as MedusaLocker last week. On its surface, it’s just like any other ransomware family — steals your stuff, encrypts it, and asks for some money to get it back. But there are some secret tricks hidden beneath the surface, and Edmund Brumaghin is here to talk about them.
Threat actors all over the place are trying to capitalize on COVID-19. We recently discovered a campaign we’re calling “PoetRAT” using lure documents themed around the pandemic attempting to trick victims into downloading malware. In this week’s Talos Takes episode, Nick Biasini chats with one of the researchers on the project, Warren Mercer, about this threat.
Threat researchers like to throw around the acronym “FUD” a lot. But is FUD, exactly? Why should you look out for it? And why do attackers win when they sow FUD? Joe Marshall and Jon Munshaw walk you through fear, uncertainty and doubt and discuss why panic and misinformation play right into attackers’ hands.
Earlier this week, we released an in-depth blog post on fingerprint scanners used as physical security gates on devices. To save you a bit of time, and to summarize it for those non-technical folks out there, Nick Biasini and Jon Munshaw dedicate this episode to breaking down Talos’ research. What was the endgame of our research? And can you rely only on your fingerprint to keep your device secure?