Talos Takes
Every week, host Hazel Burton brings on a new guest from Talos or the broader Cisco Security world to break down a complicated security topic. We cover everything from breaking news to attacker trends and emerging threats.
Episodes
199 episodes
Unwrapping the emerging Interlock ransomware attack
Chetan Raghuprasad is our guest today as he breaks down the relatively new Interlock ransomware attack. Cisco Talos Incident Response recently observed this attacker conducting big-game hunting and double extortion attacks. Chetan ...
•
15:02
It's Taplunk! Talos and Splunk threat researchers meet to put the security world to rights
What happens when two sets of threat researchers from Talos and Splunk's SURGe team meet? Aside from some highly controversial opinions and omissions about the best horror movie, the team discuss what security trends are FUD, and what's actuall...
•
50:38
The biggest takeaways from Talos IR's new report: New ransomware variants, EDR tool uninstallation, and password spray attacks increasing
The Talos IR Quarterly Trends Q3 2024 is out now! In this episode Hazel Burton, Craig Jackson and Bill Largent discuss three big themes: some new ransomware players, the 'Bring Your Own Vulnerable Driver' trend, and why password spray attacks a...
•
15:26
How Talos IR and Splunk are teaming up
Hazel Burton steps in as guest host this week to talk to Brad Garnett, the head of Cisco Talos Incident Response, and JK Lialias, the head of cybersecurity product marketing for Splunk. Brad and JK share two exciting in which Talos is being inc...
•
Episode 197
•
21:21
Why the BlackByte ransomware group may be more active than we initially thought
James Nutland from Talos' Threat Intelligence team joins the show this week to talk to Jon about his
•
Episode 196
•
9:21
AI, critical infrastructure dominate conversation at Hacker Summer Camp
It's quite the gang for Talos Takes this week with Joe Marshall, Nick Biasini and Mick Baccio (from Splunk's SURGe team) joining Jon this week to recap Black Hat and DEF CON. They share all the conversations and talking points they heard around...
•
Episode 195
•
14:07
A 1-on-1 with Talos VP Matt Watchinski
He's been here since the beginning, and now he's ready to reflect on the past 10 years of Cisco Talos. Matt Watchinski, the Vice President of Talos for Cisco, joins Jon this week to talk about Talos' recently celebrated 10th birthday and talk a...
•
Episode 194
•
30:04
What should we be doing to better support open-source software?
People who maintain, create and update open-source software are the unsung heroes of the internet. Their work keeps much of our networks running on a daily basis, and the vast majority of them do it for free! While there are some security pitfa...
•
Episode 193
•
11:03
Threat actor trends and the most prevalent malware from the past quarter
Hazel Burton guest hosts this week to recap the top threats observed by Cisco Talos Incident Response (Talos IR) in the second quarter of 2024. She’s the...
•
Episode 192
•
15:57
You got a data breach notification. Now what?
Joe Marshall, Talos' resident ICS and IoT expert, and Pierre Cadieux from Talos Incident Response join Jon this week to discuss data breaches. Between Snowflake, AT&T, Ticketmaster and more, we should probably assume our data has been part ...
•
Episode 191
•
22:03
What we learned from studying the TTPs of the 14 most active ransomware groups
Fresh off an analysis of the 14 most active ransomware groups, James Nutland joins Jon this week to discuss his findings. They talk about the most common T...
•
Episode 190
•
8:15
Time to catch up on the wide-reaching Snowflake incident
Over 160 companies have been affected by a data breach at data storage company Snowflake, including Ticketmaster,
•
Episode 189
•
16:57
Everything we know about denial-of-service attacks in 2024
You may think a DDoS attack is so early aughts. But some of the largest attacks of this type have occurred in just the past few years. Talos recently updated our advice for how to best mitigate and prepare for this threat, so Aliza Johnson from...
•
Episode 188
•
10:10
The many shades of LilacSquid
Anna Bennett, one of Talos' threat hunters, joins the show this week to talk about one of her recent findings — the LilacSquid APT. This is a newly discovered threat actor that Talos ...
•
Episode 187
•
10:00
A mid-year checkin on Volt Typhoon
The Volt Typhoon threat actor is one of the longest-running cybersecurity storylines this year. The Chinese state-sponsored actor has already been accused of a range of...
•
Episode 186
•
11:20
How much has AI helped bad actors who spread disinformation?
Inspired by his quotes in a recent CNBC article, Jon Munshaw wanted to have Martin Lee on the show this week to discuss AI and how adversaries can use these tools to create deepfakes and disinformation. Martin shares why he thinks the threats o...
•
Episode 185
•
19:20
Recapping RSA
Nicole Hoffman, fresh off her trip to the RSA Conference, joins host Jon Munshaw this week to talk about her major takeaways from the week in San Francisco. Nicole talks about how most of the discussions on the floor centered around AI, and wha...
•
Episode 184
•
12:15
Why CoralRaider is looking to steal your login credentials
Joey Chen from Talos' Outreach team is here to tell us all about his research into the CoralRaider threat actor. He's helped write two posts on the recen...
•
Episode 183
•
6:45
4 takeaways from what Talos IR is seeing in the field
Hazel Burton steps in to host this week's episode as we cover the recent Cisco Talos Incident Response Quarterly Trends Report from the first quarter of this ye...
•
Episode 182
•
14:15
How to defend against brute force attacks
After a recent spike in brute force attempts targeting SSH and VPN services, we felt it was a go...
•
Episode 181
•
7:30
What are the dangers of enabling sideloading and third-party apps?
Apple now must allow users to be able to sideload apps onto their phones or access third-party app stores, thanks to
•
Episode 180
•
10:24
Why we need to stop calling as-a-service group takedowns "takedowns"
Hazel Burton and Thorsten Rosendahl join Jon Munshaw on this week's episode to discuss the problem with threat actor "hydras." They recently wrote about the topic for ...
•
Episode 179
•
12:20
Turla has been around for 20-plus years at this point, but they're still mixing things up
Holger Unterbrink of Talos Outreach joins the show this week to discuss his recent Turla APT research. This Russian state-sponsored actor has been around for years bu...
•
Episode 178
•
9:04
Why more actors are starting to use Telegram for their communications
Jon started noticing that Talos is finding more threat actors using Telegram nowadays for their communication and coordination, so he decided to bring Azim Khodjibaev on to ask him if he was just inventing this, or if it was a real trend. Turns...
•
Episode 177
•
10:25