Talos Takes

Talos’ spin on security news

Every week, host Jon Munshaw brings on a new guest from Talos or the broader Cisco Secure world to break down a complicated security topic in just five or 10 minutes. We cover everything from breaking news to attacker trends and emerging threats.

Subscribe
  • Talos Takes

    Talos Takes Ep. #104: The psychology of multi-factor authentication

    We go back to college this week with a Psychology 101 class. And today, we’re covering multi-factor authentication. Jon has Dave Lewis, one of Cisco Duo’s advisory CISOs, on the show to talk about the psychology behind using these apps and talking to users about implementing it across their environments. They discuss moving around the accept and reject buttons in the UI, how we communicate the benefits of MFA to administrators and the recent wave of brute-force attacks.

    Download
    Run Time: 00:09:20

    Keywords
    • MFA
    • multi-factor authentication
    • brute force

  • Talos Takes

    Talos Takes Ep. #103: What we can learn from a recent AvosLocker attack

    Chris Neal from Talos Outreach recently dove into a recent AvosLocker ransomware attack in the wild. This week, he joins the show to recap his major takeaways from this attack that other potential targets can learn from. He and Jon talk about the current ransomware-as-a-service landscape, the use of living-off-the-land binaries and other calling cards from this actor to keep an eye out for.

    Download
    Run Time: 00:08:28

    Keywords
    • LoLBins
    • ransomware
    • AvosLocker
    • cyber attack
    • ransomware-as-a-service

  • Talos Takes

    Talos Takes Ep. #102: Unmasking ransomware groups on the dark web

    Paul Eubanks joins this week’s episode of Talos Takes to look at his recent blog post on de-anonymizing ransomware groups on the whispers dark web. Paul and his team recently used several tactics to unmask several threat actors and disclosure their tactics to stay hidden. Jon interviews Paul about ransomware actors’ usual operations on the dark web, the specific tools and tactics he used and the pros and cons of calling out actors for their opsec failures.

    Download
    Run Time: 00:08:17

    Keywords
    • ransomware
    • dark web
    • APTs

  • Talos Takes

    Talos Takes Ep. #101: Cisco Live Talos roundup

    Jon reports live from the floor of Cisco Live U.S. this week. He interviewed several Talos speakers about their talks at Cisco Live and some of the major takeaways from conversations with users and customers this week.

    Download
    Run Time: 00:05:04

    Keywords
    • Cisco Live
    • ICS
    • cybersecurity
    • incident response
    • CTIR

  • Talos Takes

    Talos Takes Ep. #100: Cisco Live U.S. preview

    Get ready for Cisco Live next week in Vegas with a quick primer on everything Talos has going on at the conference. We’re excited to be back in person interacting with customers and users. Jon has a complete rundown of the Talos space at the conference, some talk highlights and other things you should know before you go. For a complete agenda, check out the Cisco Live Session Catalog.

    Download
    Run Time: 00:05:31

    Keywords
    • conferences
    • news
    • Cisco Live

  • Talos Takes

    Talos Takes Ep. #99: A primer on Talos at RSA

    We’re doing something a bit different this week — it’s just Jon for a few minutes talking about Talos’ plans at the RSA Conference coming up next week. Catch up on our plans for the week and here about some special events we have planned. To stay up-to-date on the latest, follow us on Twitter. And if you prefer a written preview, read this week’s Threat Source newsletter.

    Download
    Run Time: 00:04:40

    Keywords
    • conferences
    • RSA
    • RSAC
    • podcasts

  • Talos Takes

    Talos Takes Ep. #98: Maybe don't panic about that F5 BIG-IP vulnerability

    The recently disclosed vulnerability in F5 BIG-IP took security Twitter by storm two weeks ago, and continues to make headlines now. It immediately prompted warnings from CISA and security researchers everywhere warning users to patch as soon as possible. Of course, it’s important to patch. But maybe we started panicking a little too early that this was going to be the next PrintNightmare. On this week’s episode of Talos Takes, Jon is joined by Jerry Gamblin from Kenna Security to talk about the ins and outs of this vulnerability and while it is serious, it’s incredibly unlikely that an attacker can or would exploit it in the wild.

    Download
    Run Time: 00:08:07

    Keywords
    • vulnerabilities
    • patching
    • Kenna
    • BIG-IP

  • Talos Takes

    Talos Takes Ep. #97: MustangPanda stays agnostic

    See people, this is what happens when you finally let a panda drive a sports car! This week’s episode of Talos Takes covers the basics of MustangPanda, a Chinese state-sponsored actor we wrote about recently. Asheer Maholtra joins the show to go over his research into this group. Mainly, we discuss why this actor, despite being aligned with China, is targeting Russian government entities and organizations. Though the two countries seem to be allies, all is fair in love and cyber espionage.

    Download
    Run Time: 00:08:00

    Keywords
    • MustangPanda
    • APTs
    • state-sponsored
    • ransomware
    • trojans

  • Talos Takes

    Talos Takes Ep. #96: Takeaways from victim chats with two ransomware groups

    Kendall McKay joins Jon this week to discuss the Hive and Conti ransomware chats she and her colleagues recently reviewed. We obtained some leaked chats between these ransomware groups and some of their victims, showing us what communicating with an attacker is really like. Jon and Kendall discuss the negotiation process over a ransom payment and what else we learned from these chat logs.

    Download
    Run Time: 00:11:46

    Keywords
    • Hive
    • Conti
    • ransomware
    • malware

  • Talos Takes

    Talos Takes Ep. #95 (XL Edition): CTIR recaps last quarter's top threats

    On this week’s episode of Talos Takes, we’re bringing you the recording of last week’s live stream with Cisco Talos Incident Response. Beers with Talos’ own Liz Waddell hosted the first in our new “On Air” series with CTIR, where she and her fellow Talosians recapped the previous quarter’s top threats. They run through the malware families CTIR saw most in the field and discussed other trends that threat actors are starting to adapt.

    Download
    Run Time: 00:39:16

    Keywords
    • CTIR
    • Incident Response
    • ransomware
    • malware