Talos Takes

Talos’ spin on security news

Every week, host Jon Munshaw brings on a new guest from Talos or the broader Cisco Secure world to break down a complicated security topic in just five or 10 minutes. We cover everything from breaking news to attacker trends and emerging threats.

Subscribe
  • Talos Takes

    Why more actors are starting to use Telegram for their communications

    Jon started noticing that Talos is finding more threat actors using Telegram nowadays for their communication and coordination, so he decided to bring Azim Khodjibaev on to ask him if he was just inventing this, or if it was a real trend. Turns out it's a real trend! Azim fills listeners in on why Telegram is becoming the app of choice for APTs to publish "news," threaten data leaks, and more. 

    Download
    Run Time: 00:10:25

    Keywords

  • Talos Takes

    Why no one should be relying on passive security in 2024

    Nick Biasini joins Jon this week to talk about passive security. He recently wrote about this topic for the Talos blog and joined Wendy Nather in discussing the merits of passive security versus active blocking. Nick defines what passive security is, exactly, and why it's not the way to go in the modern age. 

    Download
    Run Time: 00:08:17

    Keywords

  • Talos Takes

    What's new about GhostSec's ransomware-as-a-service model

    Chetan Raghuprasad from the Talos Outreach team joins Talos Takes this week to talk to Jon about the GhostSec threat actor that he and a few colleagues wrote about for the Talos blog. GhostSec has teamed up with another ransomware group to carry out double extortion attacks all over the globe, with increasing frequency over the past year. They discuss what's unique about this particular RaaS model, where GhostSec came from, and the benefits of going in on a team-up. 

    Download
    Run Time: 00:12:06

    Keywords

  • Talos Takes

    Why are "identity attacks" on the rise?

    Now more than ever, adversaries are logging in, not breaking in. They're stealing legitimate user credentials to hide undetected on a targeted network after acquiring said credentials in a variety of ways. Hazel Burton joins Jon Munshaw this week to discuss identity attacks, recommendations for avoiding them, and how QR code phishing plays into these tactics. 

    Download
    Run Time: 00:11:29

    Keywords

  • Talos Takes

    The tl;dr of NIS2

    Gergana Karadzhova-Dangela and Thorsten Rosendahl, our resident experts on all things European Union cybersecurity law, join the show this week to talk about the impending NIS2 regulations. Don't worry, you've still got plenty of time to work on them, but this is a good place to get started even if you've never seen the phrase "NIS2" before. Find more of their writing on NIS2 here and here

    Download
    Run Time: 00:14:05

    Keywords

  • Talos Takes

    Case study: How Talos IR helped a healthcare tech company avoid a ransomware attack

    Reposted from the Cisco Security Stories feed: Meet Jeremy Maxwell, CISO of Veradigm, a healthcare IT company. Jeremy discusses how his organization proactively prepares for cybersecurity incidents within a highly regulated industry.

    Download
    Run Time: 00:49:20

    Keywords

  • Talos Takes

    How are attackers using malicious drivers in Windows to stay undetected?

    Chris Neal from Talos Outreach joins the show today to talk about his research into the ways adversaries are using malicious drivers on Windows to spread malware. He recently launched a new series on the Talos blog about the basics of drivers and how security researchers can reverse engineer them to learn more about attacker TTPs and develop new detection content. Chris discusses when he first spotted this type of attack, what advantages it presents for the attacker and the other aspects of the research he plans to dive into.

    Download
    Run Time: 00:11:36

    Keywords

  • Talos Takes

    (XL Edition): Talos IR recaps the top threats of Q4 2023

    This week, we're bringing you the audio version of our recent Talos IR On Air video. Several Talos incident responders got together to recap the top threats and attacker trends of Q4 2023, as outlined in our full Quarterly Trends Report. Hear about why ransomware was up for the first time the entire year, and which sectors were being targeted most often. 

    Download
    Run Time: 00:17:18

    Keywords

  • Talos Takes

    What's new with CVSS 4.0, and does it really change anything?

    We're talking about vulnerabilities this week with Jerry Gamblin from Cisco Vulnerability Management. Jerry joins the show to talk about the release of CVSS 4.0 this year — the newest method the security community will use to score the severity of certain vulnerabilities. Jerry discusses what makes this scoring system different from previous iterations if it changes how he views the term "severe" and how that fits into Cisco's overall vulnerability management processes. 

    Download
    Run Time: 00:09:29

    Keywords

  • Talos Takes

    XL Edition: Talos' 2023 Year in Review

    In this special edition of the show, we're bringing you the audio version of our Year in Review livestream. Recorded at the end of December, this stream included Hazel Burton, Nick Biasini and Laurie Varner from Cisco Talos Incident Response recapping the year that was in cybersecurity. They covered the highlights of our 2023 Year in Review report, their personal takeaways from the past year, and trends to watch for heading into the new year.

    Download
    Run Time: 00:34:51

    Keywords