This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Player FM - Internet Radio Done Right
28 subscribers
Checked 14d ago
추가했습니다 five 년 전
Cisco Talos에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Cisco Talos 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Talos Takes와 비슷한 콘텐츠
S
Security Weekly Podcast Network (Audio)
1
Security Weekly Podcast Network (Audio)
Security Weekly Productions
2k
3k
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
How does artificial intelligence change when people — not profit — truly come first? Join IRL’s host Bridget Todd, as she meets people around the world building responsible alternatives to the tech that’s changing how we work, communicate, and even listen to music.
…
continue reading
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Player FM -팟 캐스트 앱
Player FM 앱으로 오프라인으로 전환하세요!
Player FM 앱으로 오프라인으로 전환하세요!
))
Daily Deals
Why are "identity attacks" on the rise?
Manage episode 404071597 series 2800269
Cisco Talos에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Cisco Talos 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Now more than ever, adversaries are logging in, not breaking in. They're stealing legitimate user credentials to hide undetected on a targeted network after acquiring said credentials in a variety of ways. Hazel Burton joins Jon Munshaw this week to discuss identity attacks, recommendations for avoiding them, and how QR code phishing plays into these tactics.
214 에피소드
공유Manage episode 404071597 series 2800269
Cisco Talos에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Cisco Talos 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Now more than ever, adversaries are logging in, not breaking in. They're stealing legitimate user credentials to hide undetected on a targeted network after acquiring said credentials in a variety of ways. Hazel Burton joins Jon Munshaw this week to discuss identity attacks, recommendations for avoiding them, and how QR code phishing plays into these tactics.
214 에피소드
All episodes
×
T
Talos Takes
1 How cybercriminals are camouflaging threats as fake AI tool installers 17:05
17:05 
나중에 재생 
나중에 재생 
리스트 
좋아요 
좋아요17:05
나중에 재생 나중에 재생 리스트 좋아요 좋아요Chetan Raghuprasad joins Hazel to discuss his threat hunting research into fake AI tool installers, which criminals are using to distribute ransomware, RATS, stealers and other destructive malware. He discusses the attack chain of three different campaigns, including one which even tries to justify its ransom as "humanitarian aid." For the full research, read Chetan's blog at https://blog.talosintelligence.com/fake-ai-tool-installers/…
T
Talos Takes
1 Inside the attack chain: A new methodology for tracking compartmentalized threats 16:29
16:29 나중에 재생 나중에 재생 리스트 좋아요 좋아요16:29
나중에 재생 나중에 재생 리스트 좋아요 좋아요Edmund Brumaghin joins Hazel to discuss how threat actors (including state sponsored attackers), are increasingly compartmentalizing their attacks i.e they're bringing in specialist skillsets from other groups to handle different aspects of the attack chain. Edmund discusses why this is happening, and the challenges this poses for defenders when it comes to attribution and reporting. He then discusses several solutions which seek to evolve traditional threat modelling, and help provide clarity to defenders. More details can be found in this blog https://blog.talosintelligence.com/compartmentalized-threat-modeling/ If you're interested in our other blog on initial access groups, that can be found at https://blog.talosintelligence.com/redefining-initial-access-brokers/…
T
Talos Takes
1 Follow the motive: Rethinking defense against Initial Access Groups 16:38
16:38 나중에 재생 나중에 재생 리스트 좋아요 좋아요16:38
나중에 재생 나중에 재생 리스트 좋아요 좋아요In this episode, Hazel welcomes Talos researcher Ashley Shen to discuss the evolution of initial access brokers (IABs) and the importance of distinguishing between different types of IABs. We talk about the need for a new taxonomy to categorize IABs into three types: financially motivated (FIA), state-sponsored (SIA), and opportunistic (OIA) initial access groups. This taxonomy aims to improve threat modeling and defense strategies by providing a clearer understanding of the motivations and behaviors of different IABs. For more details, check out the blog that Ashley co-authored with other Talos researchers https://blog.talosintelligence.com/redefining-initial-access-brokers/…
T
Talos Takes
1 Year in Review special pt. 4: How AI is influencing the threat landscape? 32:19
32:19 나중에 재생 나중에 재생 리스트 좋아요 좋아요32:19
나중에 재생 나중에 재생 리스트 좋아요 좋아요A jam packed episode of guests means a slightly longer Talos Takes for your feed today! We welcome Amy Chang and Omar Santos from Cisco, Vitor Ventura from Talos, and Ryan Fetterman from Splunk. Together, we discuss how AI isn't rewriting the cybercrime playbook, but it is turbo charging some of the old tricks, particularly on the social engineering side. We also touch on threat actor-built LLMs and where things may be headed. We then talk about how defensive strategies can leverage AI, particularly in the SOC, to increase visibility and make determinations a lot quicker. Resources mentioned in the episode: Talos' 2024 Year in Review Cisco's State of AI Security report Defending at machine speed, by Splunk…
T
Talos Takes
Steven Leung from Cisco Duo joins Hazel to discuss the prevalence of identity-based attacks, why they're happening, and the various methods attackers are using to circumvent MFA (Multi-Factor Authentication), based on data in Talos' 2024 Year in Review. Topics we touch on include phishing, push spray attacks, and Adversary-in-the Middle campaigns, and throughout the episode Steven provides best practice recommendations for implementing MFA at scale, without increasing user friction. For more resources, check out the Duo blog , and Talos' 2024 Year in Review .…
T
Talos Takes
1 Year in Review special part 2: The biggest ransomware trends 18:41
18:41 나중에 재생 나중에 재생 리스트 좋아요 좋아요18:41
나중에 재생 나중에 재생 리스트 좋아요 좋아요Azim Khodjibaev and Lexi DiScola join Hazel to discuss some of the most prolific ransomware groups (and why LockBit may end this year very differently to how they ended 2024). They also discuss the dominant techniques of ransomware actors, where low-profile tactics led to high-impact consequences. For the full analysis, download Talos' 2024 Year in Review at https://blog.talosintelligence.com/2024yearinreview/…
T
Talos Takes
1 Year in Review special part 1: vulnerabilities, email threats, and adversary tooling 18:15
18:15 나중에 재생 나중에 재생 리스트 좋아요 좋아요18:15
나중에 재생 나중에 재생 리스트 좋아요 좋아요Talos researchers Martin Lee and Thorsten Rosendahl join Hazel for the first of our dedicated episodes on the top findings from Talos' 2024 Year in Review. We discuss the vulnerabilities that attackers most targeted, how this compares with CISA's list, and how to protect network devices. Given how email lures are evolving, we spend some time chatting about how the current world news cycle may play into adversary's campaign cycles. And finally we touch on how to spot signs that your own sysadmin tools may be being used against you. For the full report, head to https://blog.talosintelligence.com/2024yearinreview/…
Have you ever wondered what it takes to put on a major event like a World Cup or the Olympics, and all the cybersecurity and threat intelligence that needs to be done beforehand? Today’s episode is all about that. Hazel is joined by one of our global Cisco Talos Incident Response leaders, Yuri Kramarz, who has helped some of the biggest events around the world take place securely. We chat about risk factors, focus areas such as endpoint protection, threat hunting and incident response, and what to do in the hours and minutes leading up to the event. Check out the document we mention - a full blueprint on how to protect major events: https://blog.talosintelligence.com/protecting-major-events-blueprint-october-2024-update/…
T
Talos Takes
1 Why attackers are using hidden text salting to evade email filters 9:59
9:59 나중에 재생 나중에 재생 리스트 좋아요 좋아요9:59
나중에 재생 나중에 재생 리스트 좋아요 좋아요In this episode Hazel chats with Omid Mirzaei, a security research lead in the email threat research team at Cisco Talos. Omid and several Talos teammates recently released a blog on hidden text salting (or poisoning) within emails and how attackers are increasingly using this technique to evade detection, confuse email scanners, and essentially try and get phishing emails to land in people’s inboxes. Hidden text salting is a simple yet effective technique for bypassing email parsers, confusing spam filters, and evading detection engines that rely on keywords. The idea is to include some characters into the HTML source of an email that are not visually recognizable. For more, head to the Talos blog…
T
Talos Takes
1 How to establish a threat intelligence program (Cisco Live EMEA preview) 16:01
16:01 나중에 재생 나중에 재생 리스트 좋아요 좋아요16:01
나중에 재생 나중에 재생 리스트 좋아요 좋아요It's an European takeover this week, as Hazel sits down with Talos EMEA threat researchers Martin Lee and Thorsten Rosendahl. They're heading to Cisco Live EMEA next week (February 9-14) to deliver a four hour session on how to establish a threat intelligence program. If you can't make it - here's a 15 minute version! Thorsten and Martin provide best practices for threat intelligence, the different flavors of it (tactical, operational, and strategic), and the significance of curiosity and learning from failures. If you haven't already, check out Martin's introductory course to threat intelligence in collaboration with Cisco’s Networking Academy. This course is free for all, and is intended to give an overview of the domain for someone without prior knowledge which can be used as a starting point for further study or employment.…
T
Talos Takes
1 Web shell frenzies, the first appearance of Interlock, and why hackers have the worst cybersecurity: IR Trends Q4 2024 13:59
13:59 나중에 재생 나중에 재생 리스트 좋아요 좋아요13:59
나중에 재생 나중에 재생 리스트 좋아요 좋아요Joe Marshall and Craig Jackson join Hazel to discuss the biggest takeaways from Cisco Talos Incident Response's latest Quarterly Trends report. This time the spotlight is on web shells and targeted web applications – both have seen large increases. There’s a brand new ransomware actor on the scene – we’ll talk about the new Interlock ransomware and how we’ve seen this group show up this quarter. Plus, Talos IR observed threat actors using remote tooling in 100% of ransomware incidents this quarter – that’s a significant uptick. For the full report head to blog.talosintelligence.com/talos-ir-trends-q4-2024/…
Hazel sits down with Vanja Svajcer from Talos' threat research team. Vanja is a prolific malware hunter and this time he's here to talk about vulnerable Windows drivers. We've been covering these drivers quite a bit on the Talos blog over the last year, and during our research we investigated classes of vulnerabilities typically exploited by threat actors as well as the payloads they typically deploy post-exploitation. The attacks in which attackers are deliberately installing known vulnerable drivers only to later exploit them is a technique referred to as Bring Your Own Vulnerable Driver (BYOVD). If you're curious about this topic and the recommendations our team has to help you address vulnerable drivers in your environment, then this episode is for you. The full research can be found at https://blog.talosintelligence.com/exploring-vulnerable-windows-drivers/…
T
Talos Takes
1 It's the 35th anniversary of ransomware - let's talk about the major shifts and changes 23:28
23:28 나중에 재생 나중에 재생 리스트 좋아요 좋아요23:28
나중에 재생 나중에 재생 리스트 좋아요 좋아요Ransomware is 35 years old this month, which isn't exactly something to celebrate. But in any case, do join Hazel and special guest Martin Lee to discuss what happened in the very first ransomware incident in December 1989 and why IT "wasn't ready". They then discuss how ransomware evolved to become the criminal entity it is today, which involves looking back on the likes of SamSam, Maze and the emergence of crypto currencies. Plus, learn why Martin says we shouldn't feel powerless in the face of ransomware.…
T
Talos Takes
Chetan Raghuprasad is our guest today as he breaks down the relatively new Interlock ransomware attack. Cisco Talos Incident Response recently observed this attacker conducting big-game hunting and double extortion attacks. Chetan talks about the initial access tactics, deployment of the ransomware encryptor, and how Interlock communicates with its victims using their “Worldwide Secrets Blog”. For the full analysis, head to https://blog.talosintelligence.com/emerging-interlock-ransomware/…
T
Talos Takes
1 It's Taplunk! Talos and Splunk threat researchers meet to put the security world to rights 50:38
50:38 나중에 재생 나중에 재생 리스트 좋아요 좋아요50:38
나중에 재생 나중에 재생 리스트 좋아요 좋아요What happens when two sets of threat researchers from Talos and Splunk's SURGe team meet? Aside from some highly controversial opinions and omissions about the best horror movie, the team discuss what security trends are FUD, and what's actually fearful/ most challenging at the moment. Also, what is the security industry not aware of enough, and also too aware of? Plus some thoughts on cybersecurity awareness training and how we can do better. This is a great conversation facilitated by SURGe's Mick Baccio, with Joe Marshall and Nick Biasini from Talos, and Tamara Chacon and Audra Streetman from SURGe. Catch up on all the latest and greatest threat research from our friends at SURGe at https://www.splunk.com/en_us/surge.html…
플레이어 FM에 오신것을 환영합니다!
플레이어 FM은 웹에서 고품질 팟캐스트를 검색하여 지금 바로 즐길 수 있도록 합니다. 최고의 팟캐스트 앱이며 Android, iPhone 및 웹에서도 작동합니다. 장치 간 구독 동기화를 위해 가입하세요.
Talos Takes와 비슷한 콘텐츠
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
S
Security Weekly Podcast Network (Audio)
1
Security Weekly Podcast Network (Audio)
Security Weekly Productions
2k3k
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
How does artificial intelligence change when people — not profit — truly come first? Join IRL’s host Bridget Todd, as she meets people around the world building responsible alternatives to the tech that’s changing how we work, communicate, and even listen to music.
…
continue reading
D
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Player FM -팟 캐스트 앱
Player FM 앱으로 오프라인으로 전환하세요!
Player FM 앱으로 오프라인으로 전환하세요!
))
