Talos Takes

Talos’ spin on security news

Every week, host Jon Munshaw brings on a new guest from Talos or the broader Cisco Secure world to break down a complicated security topic in just five or 10 minutes. We cover everything from breaking news to attacker trends and emerging threats.

  • Talos Takes

    Talos Takes Ep. #50: Attackers are using Discord just as much as you are

    Cisco Talos recently discovered a wave of attackers spreading malware via collaboration apps like Discord and Slack. On this week’s episode of Talos Takes, Nick Biasini joins the show to bring us inside his research process for this post and discuss why these attacks have been so successful. Jon brings up his Dungeons & Dragons group, too, if you’re interested in that sort of thing.

    Run Time: 00:07:17

    Keywords
    • malware
    • Discord
    • spam

  • Talos Takes

    Talos Takes Ep. #53: What can we learn from those air fryer vulnerabilities?

    Everyone had jokes when it came to the vulnerabilities we recently disclosed in a WiFi-connected air fryer. But there are actually some lessons to take away from this, such as: “Not everything needs to be connected to the internet.” Joe Marshall joins the show this week to discuss all things “smart” appliances, how to protect your network and the repercussions of these specific air fryer vulnerabilities.

    Run Time: 00:11:00

    Keywords
    • IoT
    • ICS
    • vulnerabilities
    • patching

  • Talos Takes

    Talos Takes Ep. #49: LodaRAT's connection to Android devices

    Chris Neal from Talos Outreach has followed LodaRAT for years now. It’s gone from a fairly small threat to a full-on malware with several features that target all sorts of Android devices. Chris joins the show this week to discuss his history of researching LodaRAT and updates us on its latest TTPs. Find out how this trojan tries to trick users into downloading it on their phones and how it hunts for your banking information.

    Run Time: 00:06:05

    Keywords
    • malware
    • trojans
    • banking trojan
    • mobile malware
    • LodaRAT

  • Talos Takes

    Talos Takes Ep. #48: The history of ObliqueRAT

    After researching and writing about ObliqueRAT for several months now, Asheer Malhotra joins Talos Takes for the first time to discuss this trojan. We’ve seen this malware evolve over the past year or so to add new evasion techniques and find ways to avoid email filters and usual antivirus protections. Asheer talks about his history researching this malware and provides some advice on how to avoid email spam and the other maldocs these actors try to spread.

    Run Time: 00:07:54

    Keywords
    • ObliqueRAT
    • malware
    • trojans
    • spam

  • Talos Takes

    Talos Takes Ep. #45: Finding an alternative to SMS multi-factor authentication

    It was only a matter of time before we had Wendy Nather from Cisco Secure Duo on the show. We finally met Beers with Talos’ level of stardom, as Wendy joins the show to discuss SMS messages as a form of multi-factor authentication. We break down why SMS authentication is still around and used by some of our most important services like banks, and what alternatives are out there. We also discuss the dangers of SIM-jacking attacks and the benefits of using Duo’s app-based authentication.

    Run Time: 00:08:30

    Keywords
    • MFA
    • SMS
    • 2FA
    • passwords

  • Talos Takes

    Talos Takes Ep. #44: A super-sized edition for a roundtable discussion on SolarWinds

    Welcome to the first-ever XL edition of Talos Takes. This one is a little longer than usual, but we promise you it’s worth it. We recently brought together researchers from all corners of Talos to talk about what we know about SolarWinds so far, and what’s still to be discovered. Our various teams have spent the past several months diving deep into the SolarWinds supply chain attack, and this is a collection of Talos’ knowledge on the current situation. Talking points include whether it’s fair to refer to this campaign as “SolarWinds,” what other initial infection vectors there may be, the breadth of the attack and more boots-on-the-ground intelligence. If you want to watch the video version, head to our YouTube page.

    Run Time: 00:34:50

    Keywords
    • SolarWinds
    • Incident Response
    • supply chain
    • news
    • Headlines

  • Talos Takes

    Talos Takes Ep. #43: Microsoft Exchange Server emergency show

    We put this week’s Talos Takes episode together last minute to discuss the Microsoft Exchange Server zero-day vulnerabilities Microsoft disclosed earlier this week. Nick Biasini joins the show to discuss mitigation strategies and what these vulnerabilities mean for your environment at large. Plus, we discuss why this is another case of patching above all else. For more coverage on this topic, check out the Talos blog.

    Run Time: 00:05:30

    Keywords
    • Microsoft
    • Exchange
    • vulnerabilities
    • CVEs
    • zero-day

  • Talos Takes

    Talos Takes Ep. #42: Seriously folks, save your logs

    When Pierre Cadieux steps into a Cisco Talos Incident Response engagement, the first thing he wants to do is check out the customer’s logs. But if there are no logs to be found, he’ll be pretty limited in the kinds of insights he can provide.

    This has come up several times during the SolarWinds era, when customers want to know if they were targeted in the widespread supply chain attack. So in this episode of Talos Takes, Pierre joins the show to discuss why it’s so important to keep logs for everything — log-ins, events, applications and more.

    Run Time: 00:07:29

    Keywords
    • SolarWinds
    • Incident Response
    • security logs
    • Cisco Talos Incident Response
    • security

  • Talos Takes

    Talos Takes Ep. #41: Why you should upgrade to Snort 3

    For this week’s episode of Talos Takes, we’re switching back to Snort talk. For anyone who hasn’t been on security Twitter over the past month, you may not know that we released the Snort 3 GA last month — formally known as Snort 3.1.0. To celebrate, Nick Mavis joins the show again to discuss Snort 3’s new features and upgrades over 2.9.X. Nick, who regularly writes Snort rules for Cisco Talos and has been working hands-on with both versions of Snort for years, talks about how the rules improve with Snort 3, why detection and protection are better and everything else he loves about Snort 3. For more, check out the Snort 3 page on Snort.org.

    Run Time: 00:06:02

    Keywords
    • Snort
    • Snort 3

  • Talos Takes

    Talos Takes Ep. #47: Masslogger

    On this week’s episode of Talos Takes, we go back a month or so to reflect on the Masslogger trojan Talos wrote about earlier this year. This malware may not make national headlines, but that doesn’t mean you should just ignore it. Find out where this trojan is hiding and why it’s after your Outlook and Google Chrome login credentials.

    Run Time: 00:04:51

    Keywords
    • trojan
    • Masslogger
    • malware
    • Threats