Every week, host Jon Munshaw brings on a new guest from Talos or the broader Cisco Secure world to break down a complicated security topic in just five or 10 minutes. We cover everything from breaking news to attacker trends and emerging threats.
Threats, Beers, and No Silver Bullets. Listen to Talos security experts as they bring their hot takes on current security topics and Talos research to the table. Along the way, Mitch, Matt and a rotating chair of special guests will talk about anything (and we mean anything) that's on their minds, from the latest YouTube trends to Olympic curling etiquette. New episodes every other Thursday.
Security Conversations covers the business of cybersecurity, from the lens of veteran journalist and storyteller Ryan Naraine. Thoughtful conversations with security practitioners on threat intelligence, zero trust, securing cloud deployments, penetration testing, bug bounties, advancements in offensive research and targeted malware espionage activity. Connect with Ryan on Twitter (Open DMs).
The Cisco TAC Security Podcast Series is created by Cisco TAC engineers. Each episode provides an in-depth technical discussion of Cisco product security features, with emphasis on troubleshooting.
Welcome to the Plaintext Podcast! I'm Dave Lewis, Global Advisory CISO for Cisco. The idea here is an interview-based series where I sit down with current and former CISOs to discuss how they got to where they are in their careers. We’ll talk about where they started and lessons learned along the way (lessons learned by falling on swords). If you, the listeners, have suggestions as to who you'd like to see join me on the show, email me "hacker @ duo dot com".
What are the dangers of enabling sideloading and third-party apps?
10:24
Apple now must allow users to be able to sideload apps onto their phones or access third-party app stores, thanks to a law from the European Union that went into effect earlier this year. Terryn Valikodath from Cisco Talos Incident Response joins Jon this week to discuss the potential dangers that come with allowing users to sideload apps onto thei…
Why we need to stop calling as-a-service group takedowns "takedowns"
12:20
Hazel Burton and Thorsten Rosendahl join Jon Munshaw on this week's episode to discuss the problem with threat actor "hydras." They recently wrote about the topic for the Talos blog, highlighting how law enforcement takedowns of these groups are closer to just disruptions or setbacks for these massive actors. They talk about what really needs to be…
Cris Neckar on the early days of securing Chrome, chasing browser exploits
54:36
Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) XZ.fail backdoor detector (https://xz.fail) Cris Neckar is a veteran security researcher now working as a partner at Two Bear Capital. In this episode, he reminisces on the early days of hacking at Neohapsis, his time on the Google Chrome security team, shenanigans at…
Power grid security expert Joe Marshall joins the crew today to talk all things, well, power grid security. But not before he gets an impromptu pop quiz from Matt in the roundtable. Joe then tells some stories from his days working in electric utility, deploying new systems and his experiences with pentesting teams ("Wow, y'all need to stop!"). Plu…
Costin Raiu joins the XZ Utils backdoor investigation
51:33
Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) XZ.fail backdoor detector (https://xz.fail) Malware paleontologist Costin Raiu returns for an emergency episode on the XZ Utils software supply chain backdoor. We dig into the timeline of the attack, the characteristics of the backdoor, affected Linux distributions, a…
Turla has been around for 20-plus years at this point, but they're still mixing things up
9:04
Holger Unterbrink of Talos Outreach joins the show this week to discuss his recent Turla APT research. This Russian state-sponsored actor has been around for years but is regularly adding new tooling to its arsenal. Holger has new details about their latest tool, TinyTurlaNG, and insight into the types of organizations they're targeting.…
Why more actors are starting to use Telegram for their communications
10:25
Jon started noticing that Talos is finding more threat actors using Telegram nowadays for their communication and coordination, so he decided to bring Azim Khodjibaev on to ask him if he was just inventing this, or if it was a real trend. Turns out it's a real trend! Azim fills listeners in on why Telegram is becoming the app of choice for APTs to …
Matt, Mitch and Lurene discuss if the internet is better or worse today than it was 20 years ago. This leads them to discuss their various career paths, with Lurene talking about how she got into vulnerability exploitation and how Matt got into threat intelligence. And why neither of those paths would be recommended today. Lurene and Matt then clas…
Why no one should be relying on passive security in 2024
8:17
Nick Biasini joins Jon this week to talk about passive security. He recently wrote about this topic for the Talos blog and joined Wendy Nather in discussing the merits of passive security versus active blocking. Nick defines what passive security is, exactly, and why it's not the way to go in the modern age.…
What's new about GhostSec's ransomware-as-a-service model
12:06
Chetan Raghuprasad from the Talos Outreach team joins Talos Takes this week to talk to Jon about the GhostSec threat actor that he and a few colleagues wrote about for the Talos blog. GhostSec has teamed up with another ransomware group to carry out double extortion attacks all over the globe, with increasing frequency over the past year. They disc…
Now more than ever, adversaries are logging in, not breaking in. They're stealing legitimate user credentials to hide undetected on a targeted network after acquiring said credentials in a variety of ways. Hazel Burton joins Jon Munshaw this week to discuss identity attacks, recommendations for avoiding them, and how QR code phishing plays into the…
Gergana Karadzhova-Dangela and Thorsten Rosendahl, our resident experts on all things European Union cybersecurity law, join the show this week to talk about the impending NIS2 regulations. Don't worry, you've still got plenty of time to work on them, but this is a good place to get started even if you've never seen the phrase "NIS2" before. Find m…
You will no doubt have seen the advisories published over the last few weeks concerning Volt Typhoon's malicious activities. In this episode, JJ Cummings joins the crew to discuss the background to this threat actor, their impact on the threat landscape, and the covertly strategic (and specific) nature of their operations. The team also discusses t…
Case study: How Talos IR helped a healthcare tech company avoid a ransomware attack
49:20
Reposted from the Cisco Security Stories feed: Meet Jeremy Maxwell, CISO of Veradigm, a healthcare IT company. Jeremy discusses how his organization proactively prepares for cybersecurity incidents within a highly regulated industry. By Cisco Talos
Matt, Mitch and Lurene sit down to discuss “random stuff from Reddit” (don’t be put off – they’re all genuinely interesting security questions!). Topics range from password managers and how password security guidance has become outdated, how to ‘self-learn’ in cybersecurity, and thoughtful approaches towards security incidents. Before that, the tea…
How are attackers using malicious drivers in Windows to stay undetected?
11:36
Chris Neal from Talos Outreach joins the show today to talk about his research into the ways adversaries are using malicious drivers on Windows to spread malware. He recently launched a new series on the Talos blog about the basics of drivers and how security researchers can reverse engineer them to learn more about attacker TTPs and develop new de…
(XL Edition): Talos IR recaps the top threats of Q4 2023
17:18
This week, we're bringing you the audio version of our recent Talos IR On Air video. Several Talos incident responders got together to recap the top threats and attacker trends of Q4 2023, as outlined in our full Quarterly Trends Report. Hear about why ransomware was up for the first time the entire year, and which sectors were being targeted most …
Katie Moussouris on building a different cybersecurity businesses
29:50
Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Katie Moussouris founded Luta Security in 2016 and bootstrapped it into a profitable business with a culture of equity and healthy boundaries. She is a pioneer in the world of bug bounties and vulnerability disclosure and serves in multiple…
What's new with CVSS 4.0, and does it really change anything?
9:29
We're talking about vulnerabilities this week with Jerry Gamblin from Cisco Vulnerability Management. Jerry joins the show to talk about the release of CVSS 4.0 this year — the newest method the security community will use to score the severity of certain vulnerabilities. Jerry discusses what makes this scoring system different from previous iterat…
Costin Raiu: The GReAT exit interview
1:32:13
Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Costin Raiu has spent a lifetime in anti-malware research, working on some of the biggest nation-state APT cases in history, including Stuxnet, Duqu, Equation Group, Red October, Turla and Lazarus. In this exit interview, Costin digs into w…
In this special edition of the show, we're bringing you the audio version of our Year in Review livestream. Recorded at the end of December, this stream included Hazel Burton, Nick Biasini and Laurie Varner from Cisco Talos Incident Response recapping the year that was in cybersecurity. They covered the highlights of our 2023 Year in Review report,…
Danny Adamitis on an 'unkillable' router botnet used by Chinese .gov hackers
34:07
Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Danny Adamitis is a principal information security engineer at Black Lotus Labs, the threat research division within Lumen Technologies. On this episode of the show, we discuss his team's recent discovery of an impossible-to-kill botnet pac…
Year in Review: Why are attackers targeting the telecommunications sector so often?
7:30
We're back from holiday break with the first new Talos Takes episode of 2024! We're continuing our dive into Talos' Year in Review report with Lexi DiSchola, one of the many researchers who helped put this report together. She discusses why we believe the telecommunications sector was the most-targeted industry in 2023, advice for companies in that…
Allison Miller talks about CISO life, protecting identities at scale
38:12
Episode sponsors: Binarly, the supply chain security experts (https://binarly.io) FwHunt (https://fwhunt.run) Allison Miller is founder and CEO of Cartomancy Labs and former CISO and VP of Trust at Reddit. She has spent the past 20 years scaling teams and technology at Bank of America, Google, Electronic Arts, PayPal/eBay, and Visa International. I…
Talos Speed Dating (the episode we never set out to make but did anyway)
1:08:28
Mitch, Matt and Lurene were almost about to be in the same physical space at the same time to record an episode, and then Lurene couldn't make it...so we made this instead! Mitch is joined by Azim Khodjibaev from the Talos Threat Intelligence and Interdiction team to rapid-fire interview a bunch of Talos employees who happened to be around the Mary…
Year in Review: Why was 2023 the year of data theft extortion?
9:19
Jon apologizes for how he sounds in this episode, he was having mic troubles we discovered only during post-production. But outside of that, we continue the series of episodes recapping 2023 with our Year in Review report. This week, Aliza Johnson from the Talos Threat Intelligence & Interdiction team comes on the show to talk about data theft exto…
2023 Year in Review: Everything you need to know about Chinese state-sponsored actors
8:00
To celebrate the launch of our 2023 Year in Review report, we're doing a series of episodes highlighting several of our key takeaways from the past year. First up, we have David Liebenberg from our Threat Intelligence team to discuss Chinese state-sponsored actors. This is an area David's been studying for many years now and actively researches. He…
Rob Ragan on the excitement of AI solving security problems
51:16
Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Rob Ragan, principal architect and security strategist at Bishop Fox, joins the show to share insights on scaling pen testing, the emergence of bug bounty programs, the value of attack surface management, and the role of AI in cybersecurity. We dig into the importance of pro…
The TurkeyLurkey Man wants YOU to read the Talos 2023 Year in Review report
1:03:20
We recorded this episode AFTER Thanksgiving, so you'll need to forgive us for the amount of Thanksgiving talk that doesn't actually apply until Thanksgiving 2024. It all evens out in the end because the annual "Ranksgiving" from special guest David Liebenberg results in the creation of TurkeyLurkey Man. Then, TurkeyLurkey Man helps the rest of the …
Inside Talos' effort to protect the Ukrainian power grid
11:00
Joe Marshall, a central figure in the story of how Cisco Talos and other teams within Cisco worked together to protect the Ukrainian power grid, joins the show this week. He recaps a recent CNN story highlighting the new piece of equipment he and a group of volunteers worked on together to ensure the clocks that power the Ukrainian electric grid ca…
Seth Spergel on venture capital bets in cybersecurity
28:56
Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Seth Spergel is managing partner at Merlin Ventures, where he is responsible for identifying cutting-edge companies for Merlin to partner with and invest in. In this episode, Seth talks about helping startups target US federal markets, the current state of deal sizes and val…
Why has the Phobos ransomware been working for so long?
13:07
Guilherme Venere from Talos Outreach joins the show this week to talk about his research into the 8Base threat actor and its use of a variant of the Phobos ransomware. He recently published several works on the many variants of Phobos that exist in the wild, and why 8Base has been so successful using it for years now.…
Dan Lorenc on fixing the 'crappy' CVE ecosystem
41:45
Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Dan Lorenc is CEO and co-founder of Chainguard, a company that raised $116 million in less than two years to tackle open source supply chain security problems. In this episode, Dan joins Ryan to chat about the demands of building a "growth mode" startup, massive funding roun…
A warning about scams in "Roblox" (or any other online game, really)
10:09
Tiago Pereira from Talos Outreach joins the program this week to talk about his research into the different types of scams that appear in the online game "Roblox." Many underage users are at risk of being targeted by malicious users looking to steal their money, in-game items or even install malware on their devices.…
Cisco Talos researcher Nick Biasini on chasing APTs, mercenary hackers
31:27
Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Nick Biasini has been working in information security for nearly two decades. In his current role as head of outreach for Cisco Talos Intelligence Group, he leads a team of threat researchers tasked with tracking nation-state APTs, mercenary hacker groups and ransomware cybe…
XL Edition: The top incident response trends of Q3
30:45
This week is a special edition of Talos Takes. We have the audio version of Talos Incident Response's recent On Air stream, where they discussed the top attacker trends they're seeing in the field. Talos' incident responders discuss the malware they're seeing most often in infections, how attackers are shifting their tactics, and what other defende…
It's that time of the quarter again when we sit down to look at what we learned over the past three months. Caitlin Huey from the Talos Threat Interdiction Team joins the show for this special look at the latest Talos Incident Response Quarterly Trends report. Caitlin's team helps compile these reports and digs through mountains of data to find out…
Allison Nixon on disturbing elements in cybercriminal ecosystem
48:39
Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Allison Nixon is Chief Researcher at Unit 221B and a trailblazer in the world of cybercrime research. In this episode, we deep-dive into the shadowy dynamics of underground criminal communities, high-profile ransomware attacks, teenage hacking groups breaking into big compa…
Jerry Gamblin from Cisco Kenna joins this week's episode to talk about all things patching. If you're the average user, you probably don't think about patching much because many of them happen automatically in the background. However, many admins and users can unknowingly fall behind when it comes to protecting themselves against the latest vulnerab…
What happens when you actually click the "report spam" button?
8:29
Everyone is tired of getting spam emails at this point, and it can feel exhausting always to click that "report spam" button just to get another phony email a few hours later. But we're here to assure you that reporting and filtering spam really does help in the long run! Nick Biasini joins the show this week to discuss all things spam for Cybersec…
How to find the right password management solution for you
7:33
To continue our Cybersecurity Awareness Month series, Harpreet Singh from Talos Incident Response joins Jon to talk about password managers. They discuss the upside of using a third-party service like 1Password or LastPass, the potential dangers of using built-in browser password managers like Google Chrome and Safari, and other good password hygie…
Cybersecurity Awareness Month: The best practices for implementing multi-factor authentication
16:16
All of October, we'll be covering broad security-related topics for Cybersecurity Awareness Month. First up, we address the basics of implementing MFA in any environment, why any type of MFA is better than no MFA, the pitfalls of certain types of authentication, and whether going passwordless is the future.…
Inside a Talos Incident Response emergency event
15:39
Hazel Burton takes over as guest host for this episode as she talks to Nate Pors from Cisco Talos Incident Response. Nate was part of Talos IR's team that helped Veradigm, a healthcare technology company, prevent a Qakbot ransomware attack. Nate and his team recently wrote about this experience for the Talos blog, and Veradigm's CISO even joined th…