This form is for Incident Response service inquiries only, including emergency network security needs.For reputation or categorization inquiries, use the Reputation Support Form.
Talos Takes
Talos’ spin on security news
Every week, host Jon Munshaw brings on a new guest from Talos or the broader Cisco Secure
world to break down a complicated security topic in just five or 10 minutes. We cover
everything from breaking news to attacker trends and emerging threats.
Asheer Malhotra from Talos Outreach has followed Transparent Tribe for years now. This APT has been all over the place using all sorts of trojans. So where my they go next? Asheer joins Talos Takes this week to discuss the malware this group deploys and how they use typo-squatted domains to lure victims in.
In this special “XL edition” of Talos Takes, we’re bringing you the audio version of our live stream this week discussing the Kaseya supply chain attack. Nick Biasini from Talos Outreach went live with Hazel Burton, a Cisco product marketing manager, to discuss what transpired over the long Fourth of July weekend. Nick discussed the Kaseya exploit leveraged in this campaign, plus the follow-on ransomware attacks. This is the best place to get the tl;dr on what happened, what you need to be doing now, and what Cisco Secure solutions can keep you protected.
Welcome to the unofficial incident response week at Talos! As part of the RSA Conference, we’ve released twonew case studies detailing some malware cases Cisco Talos Incident Response helped resolve. Brad Garnett, this week’s guest, also released a new blog post where he wrote about why incident response is “the ultimate team sport.” Brad joins host Jon Munshaw this week to take a deeper dive into one of these engagements, in which an attacker tried to use Cobalt Strike to infect a target with ransomware (hint: this would have been really bad!) Brad talks about how the strong personal relationships CTIR built with the customer in question set everyone up for success.
To celebrate World Password Day this week, we’re talking about getting rid of passwords! Dave Lewis, a global advisory CISO for Cisco Secure, joins Jon to talk about all things passwordless. This is a new initiative Cisco Secure and Duo have undertaken to get network administrators to move away from using passwords in favor of other forms of authentication. Jon and Dave discuss why passwords can be dangerous, the benefits of going passwordless and how to convince longtime users to ditch traditional login credentials.
We can set our watches to tax scams every year in April. The bad guys are always looking to steal your information, promising to get you a bigger tax return or do your taxes for you. This year is a bit different because Tax Day is a bit later than usual thanks to — you guessed it — COVID. Attackers are now combining these two topics to create spam campaigns, promising to provide you new information about how COVID affects your taxes, or even promising to send you a gift in exchange for receiving your COVID vaccine. Jaeson Schultz makes his inaugural appearance on Talos Takes to discuss what he’s seeing in the wild and how you can avoid these common scams.
Cisco Talos recently discovered a wave of attackers spreading malware via collaboration apps like Discord and Slack. On this week’s episode of Talos Takes, Nick Biasini joins the show to bring us inside his research process for this post and discuss why these attacks have been so successful. Jon brings up his Dungeons & Dragons group, too, if you’re interested in that sort of thing.
Everyone had jokes when it came to the vulnerabilities we recently disclosed in a WiFi-connected air fryer. But there are actually some lessons to take away from this, such as: “Not everything needs to be connected to the internet.” Joe Marshall joins the show this week to discuss all things “smart” appliances, how to protect your network and the repercussions of these specific air fryer vulnerabilities.
Chris Neal from Talos Outreach has followed LodaRAT for years now. It’s gone from a fairly small threat to a full-on malware with several features that target all sorts of Android devices. Chris joins the show this week to discuss his history of researching LodaRAT and updates us on its latest TTPs. Find out how this trojan tries to trick users into downloading it on their phones and how it hunts for your banking information.
After researching and writing about ObliqueRAT for several months now, Asheer Malhotra joins Talos Takes for the first time to discuss this trojan. We’ve seen this malware evolve over the past year or so to ad new evasion techniques and find ways to avoid email filters and usual antivirus protections. Asheer talks about his history researching this malware and provides some advice on how to avoid email spam and the other maldocs these actors try to spread.
It was only a matter of time before we had Wendy Nather from Cisco Secure Duo on the show. We finally met Beers with Talos’ level of stardom, as Wendy joins the show to discuss SMS messages as a form of multi-factor authentication. We break down why SMS authentication is still around and used by some of our most important services like banks, and what alternatives are out there. We also discuss the dangers of SIM-jacking attacks and the benefits of using Duo’s app-based authentication.