Talos Takes

The dark web sounds scary — and it is. But what exactly does this dark web consist of? Despite what the name may suggest, it’s actually not people selling organs or stolen video games that happened to fall off the back of a truck. But what is actually on these forums? Azim Khodjibaev joins Jon Munshaw this week to discuss his experience with the dark web.

We use the term “APT” in cyber security a lot. But what does it mean, exactly? Does a group have to break a certain threshold to become an APT? Does the term refer to a specific malware family or a group of actors? On this week’s Talos Takes, Jon Munshaw talks to Azim from Talos’ Threat Intelligence team about this very topic.

Everyone is meeting virtually now. Whether it be important business or the average happy hour with friends and family, there’s no shortage of invites to chat rooms, presentations and software you’ve never heard of before you started working from home. And, of course, this software comes with its own set of security concerns and vulnerabilities. So Matt Valites joins Jon Munshaw this week to talk about the basics of securing your next friendly meetup or presentation to the board.

The value of cryptocurrencies is nowhere near where it was just two years ago. So does that mean cryptominers have gone away as a threat? Jon Munshaw and Nick Biasini sit down in this episode of Talos Takes to discuss where cryptominers stand in 2020. Why aren’t we reading about them as much? And why is being hit with one a sign of worse things to come?

We published our findings on a ransomware family known as MedusaLocker last week. On its surface, it’s just like any other ransomware family — steals your stuff, encrypts it, and asks for some money to get it back. But there are some secret tricks hidden beneath the surface, and Edmund Brumaghin is here to talk about them.

Threat actors all over the place are trying to capitalize on COVID-19. We recently discovered a campaign we’re calling “PoetRAT” using lure documents themed around the pandemic attempting to trick victims into downloading malware. In this week’s Talos Takes episode, Nick Biasini chats with one of the researchers on the project, Warren Mercer, about this threat.

Threat researchers like to throw around the acronym “FUD” a lot. But is FUD, exactly? Why should you look out for it? And why do attackers win when they sow FUD? Joe Marshall and Jon Munshaw walk you through fear, uncertainty and doubt and discuss why panic and misinformation play right into attackers’ hands.

Earlier this week, we released an in-depth blog post on fingerprint scanners used as physical security gates on devices. To save you a bit of time, and to summarize it for those non-technical folks out there, Nick Biasini and Jon Munshaw dedicate this episode to breaking down Talos’ research. What was the endgame of our research? And can you rely only on your fingerprint to keep your device secure?

People across the world are working from home now, and employers are increasingly turning to VPN services and Windows Remote Desktop Protocol to make sure their workers have access to their files. In this Talos Takes episode, we run down some common security concerns with these services and discuss what employees should do to stay safe while accessing their files online.

Now that Cisco Incident Response has been a part of the Talos family for a few months now, we figured it was time to check back in with them. On this episode of Talos Takes, Brad Garnett from CTIR joins the show to talk about his organization’s new Cyber Range offering, part of the standard CTIR retainer. Brad discusses how a Cyber Range exercise can prepare your organization for the worst and how it helps dispel some myths around what happens during a cyber intrusion.