Talos Takes

Talos’ spin on security news

Every week, host Jon Munshaw brings on a new guest from Talos or the broader Cisco Secure world to break down a complicated security topic in just five or 10 minutes. We cover everything from breaking news to attacker trends and emerging threats.

Subscribe
  • Talos Takes

    Back to school advice for teachers, students, parents, admins and everyone in between

    We're headed back to school with Talos Takes again! Pierre Cadieux from Cisco Talos Incident Response joins the show to talk about advice for educational institutions. Jon asks him about common incident response advice for the education sector and we cover security advice for school admins, parents and students who have to worry about electronic devices traveling to and from school and connecting to all sorts of networks. This episode is particularly relevant this week given some recent major cyber attacks against the education sector, including a major event at the combined Los Angeles school district

    Download
    Run Time: 00:12:16
    Keywords
  • Talos Takes

    XL Edition: Talos' update on our work in Ukraine

    This week, we have the audio version of our recent livestream for Ukraine Independence Day. Talos assembled a panel of experts who have been working hands-on to defend critical Ukraine systems and its citizens from cyber threats. JJ Cummings, Ashlee Benge and Dmytro Krozhevin answer questions from Hazel Burton about the current security threats Ukraine faces, what Talos has done to hunt for threats in the region and how Cisco is supporting its employees in Ukraine.

    Download
    Run Time: 00:55:44
    Keywords
  • Talos Takes

    Talos Takes Ep. #110: The kinetic and cyber threats Ukrainian agriculture faces

    • An underrated aspect of Russia’s invasion of Ukraine is the effect it’s had on the global food supply chain. Ukraine is a major importer and exporter of grain and other food staples, but the industry now faces kinetic and cyber threats. Joe Marshall of Talos has spent months learning all about agricultural cybersecurity and the unique position farming equipment and infrastructure is in. Joe recently wrote about these threats for the Talos blog and joins Talos Takes to talk about how important Ukraine is to the global food supply chain and what law enforcement and global governments can do to prepare for potential state-sponsored attacks.
    Download
    Run Time: 00:08:18
    Keywords
  • Talos Takes

    Talos Takes Ep. #109: Why cybercrime is going small-time

    The public traditionally thinks about cyber attacks as being from some well-funded, state-sponsored actor. But increasingly small-time criminals are turning to the internet to make their money. Increasingly, they’re not carrying out one-off robberies, and instead are working on insurance fraud scams and spam emails. Nick Biasini joins Talos Takes this week to discuss his recent research into this topic and shares what the data shows about the growth of small-time cybercrime.

    Download
    Run Time: 00:08:25
    Keywords
  • Talos Takes

    Talos Takes Ep. #61: Why does SideCopy seem so familiar?

    The last time Jon had Asheer Malhotra from Talos Outreach on the show, they covered the Transparent Tribe APT. Asheer joins the show again this week to talk about another threat actor that is very similar to Transparent Tribe, but is just a tad different. Asheer recently co-authored a research paper on the aptly named SideCopy actor, which borrows many TTPs from their fellow actors, including Transparent Tribe. This episode, we’ll talk about SideCopy’s methods, why they may be borrowing so much from those around them and where they could go from here.

    Download
    Run Time: 00:08:28
    Keywords
    • APTs
    • SideCopy
    • RATs
    • trojans
    • spam
    • phishing
  • Talos Takes

    Talos Takes Ep. #59: A deep dive into vulnerabilities in a home security station

    We’ve spent many minutes (that’s the point of the podcast, after all) discussing internet-of-things devices on this podcast. As consumers start having more “smart” devices connected to their home network, they may want an easy solution to keeping those devices safe. But what if that device gets owned?

    Carl Hurd of our vulnerability research team recently discovered several vulnerabilities in Trend Micro’s Home Network Security Station. He joins the show for the first time to talk about his research, the pros and cons of these all-in-one home network security devices, and how an attacker could exploit these issues to spy on your devices.

    Download
    Run Time: 00:10:25
    Keywords
    • vulnerabilities
    • IoT
    • home security
  • Talos Takes

    Talos Takes Ep. #58: It's time to get serious about protecting critical infrastructure

    With major cyber attacks in recent years against major U.S. critical infrastructure suppliers like Norsk Hydro and Colonial Pipeline, we’re in a new world of CI cybersecurity. New threats require new approaches to defense. And in the U.S., this is likely going to include partnerships between those who manage critical infrastructure, government and the private cybersecurity sector.

    Talos recently outlined what this may look like in America. One of the authors of that post, Joe Marshall, joins Jon Munshaw this week on Talos Takes to talk about public-private partnerships to defend critical infrastructure.

    Download
    Run Time: 00:08:41
    Keywords
    • critical infrastructure
    • oil and natural gas
    • ransomware
    • operational technology
  • Talos Takes

    Talos Takes Ep. #57: What's in it for both sides of the ransomware-as-a-service model?

    How much is ransomware-as-a-service like a McDonald’s franchise? More similar than you’d think! The RaaS model has entered the mainstream over the past few months with groups such as DarkSide attacking the Colonial Pipeline.

    In these transactions, what’s in it for the original ransomware creator? And what do the operators themselves get out of it? Nick Biasini joins Jon Munshaw this week to talk about this business model, what it means for the rise in ransomware attacks, and how you can stay protected.

    Download
    Run Time: 00:05:27
    Keywords
    • ransomware
    • ransomware-as-a-service
    • OT
    • critical infrastructure
  • Talos Takes

    Talos Takes Ep. #62: There's still plenty of mileage left in BEC

    Business email compromise may seem like last decade’s threat, but it’s still just as prevalent as ever. A recent FBI report found that it cost users more than $1 billion in 2020, and attackers are now capitalizing on everything from PlayStation 5 sales to the COVID-19 pandemic to still scam people. On this week’s Talos Takes, Nick Biasini recaps his recent research into BEC and discusses why there are some reasons why this threat may never go away (hint: users).

    Download
    Run Time: 00:05:25
    Keywords
    • business email compromise
    • spam
    • phishing
    • email
  • Talos Takes

    Talos Takes Ep. #56: The first security steps when returning to the office

    We started out the COVID-19 pandemic by thinking we’d be away from the office for a month — maybe two. More than 12 months later, we’re still here, working from home (at least part-time).

    But some businesses are starting to reopen now and welcoming workers back into the office. After so much time working out of the office, what should security professionals do once they get back? In this week’s episode, Beers with Talos’ own Craig Williams joins the show to talk about triple-checking for patches, changing passwords and more. Plus, how should you handle the new hybrid worker?

    Download
    Run Time: 00:10:51
    Keywords
    • work from home
    • COVID
    • patching