Talos Takes
Cisco Talos
0
Every two weeks, host Amy Ciminnisi brings on a new guest from Talos or the broader Cisco Security world to break down a complicated security topic. We cover everything from breaking news to attacker trends and emerging threats.
Folgen
-
From evasion to detection: A guide to analyzing COM-based threats 02.07.2026 18Min.While the Component Object Model (COM) is a fundamental Windows technology that allows software to communicate and function, it's also a powerful tool for threat actors looking to move laterally, maintain persistence, and evade traditional security measures. Joining us is Vanya Svajcer, who shares his expertise on how to cut through the noise and identify malicious signals within COM-based binaries. Whether you are a seasoned researcher or just starting your journey into reverse engineering a...
-
Patching in the dark: Managing unknown threats in complex environments 18.06.2026 23Min.If you're tired of being told to "just patch," we understand. The threat landscape is evolving at breakneck speed, with AI-driven tools enabling adversaries to uncover and exploit vulnerabilities before defenders even know they exist. In this episode of Talos Takes, Amy sits down with Threat Intelligence Lead Pierre Cadieux to discuss how to defend against these unknown threats. We move past the simplified advice of "just patch everything" to explore the logistical, technical, and business re...
-
When synthetic logs don’t lie: Generating coherent attack stories for better detection 03.06.2026 19Min.Are your detection rules failing because your test data lacks the nuance of a real-world network? In this episode of Talos Takes, Amy sits down with David Bianco to discuss why traditional synthetic data often falls short and how his new open-source project, EvidenceForge, is changing the game. Synthetic datasets often look like telemetry but lack the critical causal links and realistic background noise that define actual adversary activity. EvidenceForge solves this by creating data th...
-
The trust paradox: How attackers weaponize legitimate SaaS platforms 07.05.2026 20Min.In this episode of Talos Takes, Amy Ciminnisi sits down with researcher Diana Brown to discuss the rise of "platform-as-a-proxy" (PAP) attacks. We explore how threat actors are weaponizing legitimate SaaS platforms like GitHub and Jira to deliver phishing campaigns that bypass traditional security filters. By leveraging the platforms' own infrastructure to send authenticated emails, attackers are exploiting the inherent trust employees place in these essential business tools. We break down th...
-
It's not you, it's your printer: State-sponsored and phishing threats in 2025 21.04.2026 28Min.In this episode, we unpack state-sponsored and phishing trends from the 2025 Talos Year in Review. Amy and Martin Lee explore the alarming rise of internal phishing campaigns that bypass traditional perimeter defenses, including the widespread weaponization of Microsoft 365's Direct Send feature. Beyond simple phishing, we analyze the aggressive, blended operations of state-sponsored actors from China and North Korea who are combining high-level zero-day exploits with sophisticated social eng...
-
2025's ransomware trends and zombie vulnerabilities 07.04.2026 22Min.In this episode, Amy and Pierre Cadieux unpack the ransomware and vulnerability trends that defined 2025. From the persistent ransomware threats targeting the manufacturing sector to the rise of stealthy "living off the land" tactics, we break down what these shifts mean for your defense strategy. Why are attackers are increasingly targeting your management infrastructure? How do you spot the difference between a system admin and a threat actor? Tune in to hear Talos' insights on how to move ...
-
Cybersecurity’s double-header: 2025 insights from Talos and Splunk 26.03.2026 31Min.In this episode of Talos Takes, Amy is joined by William Largent (Cisco Talos) and Lou Stella (Splunk) for a "double-header" discussion. With the recent release of the Cisco Talos 2025 Year in Review and the Splunk Top 50 Cybersecurity Threats report, we’re breaking down the most critical trends that shaped the security landscape last year — all based on Cisco telemetry, Talos' original research, and Talos Incident Response engagements. From the professionalization of ransomware-as-a-service ...
-
Modernizing your threat hunt 12.03.2026 23Min.In this episode of Talos Takes, David Bianco from Cisco Foundation AI joins Amy to demystify the world of proactive cyber defense. We explore the evolution of the PEAK Threat Hunting framework and talk through how security teams can modernize their approach to identifying risks before they escalate. David also provides an exclusive look at a new open-source tool designed to help hunters navigate the "prepare" phase of PEAK with ease. Whether you are building a new program from scratch o...
-
Holding the line: Service provider security 26.02.2026 29Min.Service providers are the backbone of modern connectivity — but why are they such attractive targets for cyber actors, and what happens when critical networks go down? In this episode, Martin Lee joins Amy to explore the shifting threat landscape for service providers, asking how defenders can spot silent intrusions, what trade-offs must be considered when patching, and how industry collaboration helps prevent widespread disruptions. Join us as we unpack real-world examples and offer practica...
-
IR Trends Q4 2025: Ransomware chills and phishing heats up 12.02.2026 13Min.What separates organizations that successfully fend off ransomware from those that don’t? What were the top threats facing organizations? Can we (pretty please) get a sneak peek into the 2025 Year in Review? Amy is joined by Dave Liebenberg, Strategic Analysis Team Lead, to break down key findings from Q4 2025's Cisco Talos Incident Response Quarterly Trends Report. From the top threats facing organizations — like the persistent exploitation of public-facing applications and the rise of new v...
-
Cracking the code: What encryption can (and can’t) do for you 28.01.2026 27Min.Step into the fascinating world of cryptography. Host Amy Ciminnisi sits down with Yuri Kramarz from Cisco Talos Incident Response and Tim Wadhwa-Brown from Cisco Customer Experience to learn what encryption really accomplishes, where it leaves gaps, and when defenders need to take proactive measures. Whether you’re picturing classic codebreakers or the latest quantum-proof ciphers, this episode unpacks the essentials: what encryption and hashing actually mean, why key management is a make-or...
-
Cybersecurity certifications and you 15.01.2026 27Min.Get ready for a brand-new era of Talos Takes! In the first episode of the year, Amy Ciminnisi, Talos’ Content Manager and new podcast host, steps up to the mic with Joe Marshall to explore certifications, one of cybersecurity’s overwhelming (and sometimes most controversial) topics. We dive into the world of vendor-specific and vendor-agnostic certs, the value they can bring to your career, and the barriers people often face to getting certified. Whether you’re a newcomer facing the sea of ch...
-
2015 vs 2025: What the Last Decade of Threats Taught Us 18.12.2025 45Min.In this special, end-of-year episode (and Hazel’s final show as host) Talos Takes goes on a time-travel adventure: What would a defender from 2015 think of the cybersecurity realities of 2025? Joined by Talos teammates Pierre Cadieux, Alex Ryan, and Joe Marshall, we compare the threats, tools, and challenges of 2015 with those of 2025. The team recalls where they were in their careers a decade ago, then dives deep into how ransomware has evolved, how APTs and state sponsored attacks hav...
-
When You’re Told “No Budget”: The Blueprint for Staying Secure 25.11.2025 24Min.What happens when your to-do list keeps growing but your budget doesn’t? Hazel is joined by three Cisco Talos Incident Response experts to talk about the reality many organizations face: rising threats, aging infrastructure, and fewer people to defend it all. From configuring what you already have, to open-source strategies, to the impact of cybersecurity layoffs, this episode is packed with practical guidance for securing your organization during an economic downturn. Resources mentioned: ht...
-
How Attackers Use Your Own Tools Against You (IR trends Q3 2025) 13.11.2025 11Min.In this episode of Talos Takes Hazel sits down with Talos' Bill Largent and Craig Jackson to discuss the latest Cisco Talos Incident Response Quarterly Trends Report (Q3 2025). From a wave of Toolshell events, to a rise in post-exploitation phishing, and the misuse of legitimate tools like Velociraptor, this quarter’s cases all point to a theme: attackers are getting very good at living off what’s already in your environment. Read the full report at https://blog.talosintelligence.com/ir-...
-
Passwordless Security: Debunking the Biggest Myths 24.10.2025 15Min.On this episode of Talos Takes, Hazel welcomes Cisco Duo experts Steven Leung and Tess Mishoe to bust the most common myths around passwordless security and multi-factor authentication (MFA). Discover why not all MFA is created equal, why passwordless doesn't mean less security, and the most seamless way to adopt passwordless solutions. Plus, learn the truth about how passwordless may affect compliance and audits, and whether passwordless really is more vulnerable to phishing.
-
You Can't Patch Burnout: When Cybersecurity Takes a Toll 02.10.2025 47Min.Every October, Cybersecurity Awareness Month brings a wave of tips: update your software, enable MFA, use strong passwords. But what good is any of that if the people behind the defenses are feeling burned out? In this episode of Talos Takes, Hazel sits down with Joe Marshall for a candid, vulnerable conversation about the human cost of cybersecurity. Joe opens up about his experience during the VPNFilter campaign — months of secrecy, long hours, immense pressure, and the trauma it left behin...
-
Tampered Chef: When Malvertising Serves Up Infostealers 18.09.2025 11Min.Imagine downloading a PDF Editor tool from the internet that works great...until nearly two months later, when it quietly steals your credentials. That’s the reality of “Tampered Chef,” a malvertising campaign that preyed on users searching for everyday software. In this episode, Nick Biasini explains how cybercriminals are investing in "malvertising", why enterprises are prime targets, and why there are additional challenges when it comes to defending against time-delayed attacks.
-
Inside the Black Hat NOC: Lessons in Securing One of the Wildest Networks 03.09.2025 23Min.How do you build and defend a network where attacks are not just expected-they're part of the curriculum? In this episode, Hazel talks with Jessica Oppenheimer, Director of Security Operations at Cisco, about the ten years she's spent in the Black Hat Network Operations Center (NOC). Explore the technical challenges of segmenting and monitoring a network designed for experimentation, live hacking, and hands-on training, including how malicious and benign behaviors are distinguished in real ti...
-
Breaking Down Chaos: Tactics and Origins of a New RaaS Operation 01.08.2025 15Min.Hazel is joined by threat intelligence researcher James Nutland to discuss Cisco Talos’ latest findings on the newly emerged Chaos ransomware group. Based on real-world incident response engagements, James breaks down Chaos’ fast, multi-threaded encryption, their use of social engineering and remote access tools like Quick Assist, and the group’s likely connections to former BlackSuit operators. James also shares what defenders should be watching for and how to stay ahead of evolving ransomwa...
Beliebt in
Dieser Podcast erscheint auch in den Podcast-Charts dieser Länder.