Best Cisco Talos Podcasts (2025)

1
Terms and conceptions may apply 31:28

Play Pause

4d ago31:28

31:28

Welcome back to the podcast where the structure is theoretical and the only certainty is uncertainty. In this episode, the crew reassembles after a totally intentional and not-at-all accidental hiatus (blame is assigned, forgiveness is not). We cover: AI-assisted IVF (spoiler: it's mostly robots and headlines) The dawning of Mind-games-as-a-service…

1
Teaching LLMs to spot malicious PowerShell scripts 16:16

5d ago16:16

16:16

Hazel welcomes back Ryan Fetterman from the SURGe team to explore his new research on how large language models (LLMs) can assist those who work in security operations centers to identify malicious PowerShell scripts. From teaching LLMs through examples, to using retrieval-augmented generation and fine-tuning specialized models, Ryan walks us throu…

1
229 - What is FIPS 140-3 22:55

10d ago22:55

22:55

Enjoying the content? Let us know your feedback! In today’s interconnected world, the security of our digital infrastructure relies heavily on cryptography—the science of protecting information by transforming it into unreadable formats for unauthorized users. But how do we know the cryptographic solutions we use are truly secure? That’s where stan…

1
228 - How the Emergence of AI-Powered Malware works 26:19

17d ago26:19

26:19

Enjoying the content? Let us know your feedback! In today’s episode is about a seismic shift in the world of cyber threats. The emergence of AI-powered malware. We’ll unpack how this new breed of malware works, the science behind it, real-world incidents, and what the latest academic research reveals. We will also look at the latest news that some …

1
227 - Is UTM Still Relevant? 44:36

24d ago44:36

44:36

Enjoying the content? Let us know your feedback! Today, we’ll answer a pressing question in cybersecurity: Is UTM still relevant in 2025? We’ll trace the origins of UTM, explain why it was created, break down its core features, compare it to newer technologies, and finish by busting a common cybersecurity myth. Before we dive into our main topic, l…

1
How cybercriminals are camouflaging threats as fake AI tool installers 17:05

26d ago17:05

17:05

Chetan Raghuprasad joins Hazel to discuss his threat hunting research into fake AI tool installers, which criminals are using to distribute ransomware, RATS, stealers and other destructive malware. He discusses the attack chain of three different campaigns, including one which even tries to justify its ransom as "humanitarian aid." For the full res…

1
226 - Inside A Stealthy Malware Powering Modern Cyber Attacks 47:28

1M ago47:28

47:28

Enjoying the content? Let us know your feedback! In this week's episode, we get into some detailed exploration of an up and coming malware. Looking at it closer, it is one of the most advanced post-exploitation code families shaping the cybersecurity landscape in 2025. Over the time we have together, we’ll unravel what this malware is, how it works…

1
225 - What Is a Content Delivery Network—And Do They Really Protect Businesses? 24:29

1M ago24:29

24:29

Enjoying the content? Let us know your feedback! This week we are exploring what Content Delivery Networks —commonly known as CDNs— are and whether they protect modern businesses. We’ll dive deep into the mechanics of how CDNs work, the technologies behind them, and whether they defend organizations from threats or just deliver content at blazing s…

1
Inside the attack chain: A new methodology for tracking compartmentalized threats 16:29

1M ago16:29

16:29

Edmund Brumaghin joins Hazel to discuss how threat actors (including state sponsored attackers), are increasingly compartmentalizing their attacks i.e they're bringing in specialist skillsets from other groups to handle different aspects of the attack chain. Edmund discusses why this is happening, and the challenges this poses for defenders when it…

1
224 - Cisco Talos Year 2024 In Review 34:38

1M ago34:38

34:38

Enjoying the content? Let us know your feedback! In this week's episode, we are looking at the latest Cisco Talos’ 2024 report. In this comprehensive report, we will delve into the major cybersecurity trends and threats observed over the past year. Cisco Talos team, has compiled this report to provide valuable insights and guidance for organization…

1
Follow the motive: Rethinking defense against Initial Access Groups 16:38

2M ago16:38

16:38

In this episode, Hazel welcomes Talos researcher Ashley Shen to discuss the evolution of initial access brokers (IABs) and the importance of distinguishing between different types of IABs. We talk about the need for a new taxonomy to categorize IABs into three types: financially motivated (FIA), state-sponsored (SIA), and opportunistic (OIA) initia…

1
223 - RSAC 2025 - Part 2 21:55

2M ago21:55

21:55

Enjoying the content? Let us know your feedback! This is the part 2 of RSAC 2025 episode. If you have not listened to episode 1 (that episode 222), I would suggest you listen to episode 1 before you listen this episode. Before you we get into part 2, lets review what has been happening last week on the news front. - UK shares security tips after ma…

1
222 - RSAC 2025 - Part 1 35:54

2M ago35:54

35:54

Enjoying the content? Let us know your feedback! It was RSAC week and it would be remiss of me if I did not give you a highlight on what went on this year, 2025. After all, RSAC has a critical role in security. We will be reviewing the top key announcements from this year's event, including some exciting news from the major security players in the …

1
Year in Review special pt. 4: How AI is influencing the threat landscape? 32:19

2M ago32:19

32:19

A jam packed episode of guests means a slightly longer Talos Takes for your feed today! We welcome Amy Chang and Omar Santos from Cisco, Vitor Ventura from Talos, and Ryan Fetterman from Splunk. Together, we discuss how AI isn't rewriting the cybercrime playbook, but it is turbo charging some of the old tricks, particularly on the social engineerin…

1
221 - FBI’s 2024 Annual Internet Crime Report 32:16

2M ago32:16

32:16

Enjoying the content? Let us know your feedback! This week's episode looks at the FBI’s 2024 Annual Internet Crime Report -an analysis that not only highlights the scale of cybercrime but also reveals the evolving tactics of cybercriminals and the staggering financial impact on individuals and businesses alike. This of course relates to US but it i…

1
Year in Review special part 3: Identity and MFA attacks 22:58

2M ago22:58

22:58

Steven Leung from Cisco Duo joins Hazel to discuss the prevalence of identity-based attacks, why they're happening, and the various methods attackers are using to circumvent MFA (Multi-Factor Authentication), based on data in Talos' 2024 Year in Review. Topics we touch on include phishing, push spray attacks, and Adversary-in-the Middle campaigns, …

1
220 - Watering Hole Attacks-The Hidden Danger of Trusted Spaces 32:41

2M ago32:41

32:41

Enjoying the content? Let us know your feedback! Imagine visiting your favorite website-one you trust, one you’ve browsed a hundred times before-only to discover it’s become a silent gateway for cybercriminals. What if the real danger wasn’t in suspicious emails or obvious scams, but lurking in the very places you feel safest online? In today’s epi…

1
Year in Review special part 2: The biggest ransomware trends 18:41

2M ago18:41

18:41

Azim Khodjibaev and Lexi DiScola join Hazel to discuss some of the most prolific ransomware groups (and why LockBit may end this year very differently to how they ended 2024). They also discuss the dominant techniques of ransomware actors, where low-profile tactics led to high-impact consequences. For the full analysis, download Talos' 2024 Year in…

1
219 - What Is Agentic AI? 33:36

3M ago33:36

33:36

Enjoying the content? Let us know your feedback! In this week's episode we are touching an intriguing topic. We're going to explore Agentic AI, a fascinating area within artificial intelligence that focuses on autonomous systems capable of making decisions and performing tasks without human intervention. We'll break it down for those new to cyberse…

1
Year in Review special part 1: vulnerabilities, email threats, and adversary tooling 18:15

3M ago18:15

18:15

Talos researchers Martin Lee and Thorsten Rosendahl join Hazel for the first of our dedicated episodes on the top findings from Talos' 2024 Year in Review. We discuss the vulnerabilities that attackers most targeted, how this compares with CISA's list, and how to protect network devices. Given how email lures are evolving, we spend some time chatti…

1
218 - Fast Flux-The Cybercriminal's Hide and Seek 26:49

3M ago26:49

26:49

Enjoying the content? Let us know your feedback! This week, we re going to explore what Fast Flux is, a sophisticated technique used by cybercriminals to evade detection and maintain their malicious activities. We'll break it down for those new to cybersecurity, delve into some technical details, and use analogies to make it all clear. So without f…

1
Year in Review 2024 43:37

3M ago43:37

43:37

Joe, Hazel, Bill and Dave break down Talos' Year in Review 2024 and discuss how and why cybercriminals have been leaning so heavily on attacks that are routed in stealth in simplicity. The team also provide insights into some of the topics of the report, including the top-targeted vulnerabilities of the year, network-based attacks, adversary toolse…

1
217 - Phishing the Expert-The Unexpected Cybersecurity Breach - Part 2 28:32

3M ago28:32

28:32

Enjoying the content? Let us know your feedback! This week's episode is continuation of Troy Hunt's cautionary tale , the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through Mailchimp. We'll continue to break down what happened, how it happened, and what we can al…

1
216 - Phishing The Expert-The Unexpected Cybersecurity Breach - Part 1 32:15

3M ago32:15

32:15

Enjoying the content? Let us know your feedback! In this week's episode we have a fascinating and cautionary tale about none other than Troy Hunt, the creator of HaveIBeenPwned. Despite being a renowned security expert, Troy recently fell victim to a sophisticated phishing attack through Mailchimp. We'll break down what happened, how it happened, a…

1
215 - Cyber Threat Emulation - Strategies for Staying Ahead Of Cyber Attacks 37:04

4M ago37:04

37:04

Enjoying the content? Let us know your feedback! In this episode, we’ll look into a cybersecurity assessment method that mimics real-world attacks to test an organization's security defenses and response capabilities: Threat emulation. It is one of the strategies to keep you ahead of the game. Threat emulation aims to identify and mitigate security…

1
214 - What are polyglot files and how bad are they? 31:58

4M ago31:58

31:58

Enjoying the content? Let us know your feedback! In this episode, we’ll be exploring a particularly intriguing file types: polyglot files. These digital shapeshifters have become a powerful tool in the arsenal of cyber attackers, capable of bypassing security measures, confusing systems, and delivering malicious payloads in ways that are both creat…

1
213 - Stealing Data in Plain Sight -How Cybercriminals Exfiltrate Your Secrets and How to Stop Them 50:53

4M ago50:53

50:53

Enjoying the content? Let us know your feedback! In today's episode, we're diving deep into Data Exfiltration; one of the most serious threats facing organizations today. We'll break down exactly what data exfiltration is, where it fits in the MITRE ATT&CK framework, the tools and techniques attackers use, and, most importantly, how organizations c…

1
The truth about Tasmanian devils, and getting into cybersecurity 43:09

4M ago43:09

43:09

Bill springs a surprise topic on the team in this episode - how did you get into cybersecurity, and what skills have you brought with you throughout your career? What ensues is a rather lovely, vulnerable conversation that we hope will be helpful for anyone currently thinking about their next career move. Before that Dave has some surprising facts …

1
A blueprint for protecting major events 13:43

4M ago13:43

13:43

Have you ever wondered what it takes to put on a major event like a World Cup or the Olympics, and all the cybersecurity and threat intelligence that needs to be done beforehand? Today’s episode is all about that. Hazel is joined by one of our global Cisco Talos Incident Response leaders, Yuri Kramarz, who has helped some of the biggest events arou…

1
212 - Behind the login Screen - Understanding OS Authentication - Part 2 49:05

4M ago49:05

49:05

Enjoying the content? Let us know your feedback! We are continuing with part 2 of "Behind the Login Screen - Understanding OS Authentication." If you missed our first episode, I highly recommend giving it a listen before diving into today's content. In part one, we started to explore the fascinating world of operating system authentications, focusi…

1
211 - Behind the login Screen: Understanding OS Authentication - Part 2 35:22

5M ago35:22

35:22

Enjoying the content? Let us know your feedback! In today's episode, we're going to explore the fascinating topic of operating systems authentications. We all use it but how many of us wondered how the behind the curtains machinery work. We'll be focusing on Windows, Linux/Unix, and Mac OS. We'll discuss how hashes are used in authentication, the c…

1
Why attackers are using hidden text salting to evade email filters 9:59

5M ago9:59

9:59

In this episode Hazel chats with Omid Mirzaei, a security research lead in the email threat research team at Cisco Talos. Omid and several Talos teammates recently released a blog on hidden text salting (or poisoning) within emails and how attackers are increasingly using this technique to evade detection, confuse email scanners, and essentially tr…

1
210 - Adversarial Misuse of Generative AI 50:21

5M ago50:21

50:21

Enjoying the content? Let us know your feedback! As AI-generated content becomes more advanced, the risk of adversarial misuse—where bad actors manipulate AI for malicious purposes—has skyrocketed. But what does this mean in practical terms? What risks do we face, and how one of the big players is addressing them? Stick around as we break Google’s …

1
How to establish a threat intelligence program (Cisco Live EMEA preview) 16:01

5M ago16:01

16:01

It's an European takeover this week, as Hazel sits down with Talos EMEA threat researchers Martin Lee and Thorsten Rosendahl. They're heading to Cisco Live EMEA next week (February 9-14) to deliver a four hour session on how to establish a threat intelligence program. If you can't make it - here's a 15 minute version! Thorsten and Martin provide be…

1
209 - DeepSeek 28:51

5M ago28:51

28:51

Enjoying the content? Let us know your feedback! Today, we’ve got something really exciting for you. If you’ve been following the world of artificial intelligence lately, you’ve probably heard a lot about a new player in town: DeepSeek. Now, let me tell you, DeepSeek is shaking things up. They’re doing something completely different that’s not only…

1
Web shell frenzies, the first appearance of Interlock, and why hackers have the worst cybersecurity: IR Trends Q4 2024 13:59

5M ago13:59

13:59

Joe Marshall and Craig Jackson join Hazel to discuss the biggest takeaways from Cisco Talos Incident Response's latest Quarterly Trends report. This time the spotlight is on web shells and targeted web applications – both have seen large increases. There’s a brand new ransomware actor on the scene – we’ll talk about the new Interlock ransomware and…

1
208 - Lets Encrypt on shortening certification lifetime to just 6 days! 32:38

5M ago32:38

32:38

Enjoying the content? Let us know your feedback! In this episode we will detail the significant announcement from Let’s Encrypt – the trusted nonprofit Certificate Authority that has been at the forefront of making the web more secure. Let’s Encrypt has revealed its plans to drastically reduce the lifetime of its TLS certificates from 90 days to ju…

1
207 - Microsoft Windows Actively Exploited Vulnerabilities 37:47

5M ago37:47

37:47

Enjoying the content? Let us know your feedback! This episode is one for you system admins out there! Today we’re discussing three actively exploited vulnerabilities you absolutely need to know about—CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335. These vulnerabilities have been making headlines, and understanding them could mean the difference…

1
Social Media Bans, Live Experiments, Cybersecurity Crosswords, and Nine Lives: The B team returns 37:08

6M ago37:08

37:08

More hijinks and silliness ensue in the second episode of the BWT B Team podcast. Joe shares his frustration with being involuntarily removed from a social media platform, Hazel conducts a live experiment, Dave talks about his newfound addiction to crossword puzzles and its parallels to cybersecurity, and Bill recommends the game "Nine Lives" and s…

1
Exploring vulnerable Windows drivers 15:24

6M ago15:24

15:24

Hazel sits down with Vanja Svajcer from Talos' threat research team. Vanja is a prolific malware hunter and this time he's here to talk about vulnerable Windows drivers. We've been covering these drivers quite a bit on the Talos blog over the last year, and during our research we investigated classes of vulnerabilities typically exploited by threat…

1
206 - Cybersecurity Resolutions for 2025 - Best Practices for Individuals and Organizations 32:56

6M ago32:56

32:56

Enjoying the content? Let us know your feedback! This is the podcast where we explore the ever-evolving world of cybersecurity and provide practical advice for staying ahead of threats. I’m your host, Yusuf, and today’s episode is all about starting the new year with a solid plan. We’re diving into _Cybersecurity Resolutions for 2025: Best Practice…

1
205 - Vulnerability Scanners-The Heroes and Hidden Limits of Cybersecurity 28:48

6M ago28:48

28:48

Enjoying the content? Let us know your feedback! Today, we’re tackling a fundamental yet often misunderstood tool in every cybersecurity professional's arsenal—vulnerability scanners. What role do they play in protecting our organizations? Where do they shine, and where do they fall short? As always, we’ll cut through the jargon and break things do…

1
204 - Recap of the best episodes of 2024 1:31:38

6M ago1:31:38

1:31:38

Enjoying the content? Let us know your feedback! This final episode of 2024, we recap the best the most listened to episodes of the year. And this year we have a great four back to back of the greatest of them all. Lets start with the first eisode 191 - Is The Browser The New Operating System? released on the 28th of September. Next is episode 172 …

1
203 - Tips In Securing Your Organization - When the Security Team is Away 22:04

6M ago22:04

22:04

Enjoying the content? Let us know your feedback! It is a topical episode we’re diving into a high-stakes challenge every organization faces: It is holiday season, how do you manage threats when most of the security team is off duty. Imagine a holiday season, a long weekend, or even an unexpected emergency. With key team members unavailable, how do …

1
202 - Volt Typhoon 36:15

7M ago36:15

36:15

Enjoying the content? Let us know your feedback! In this week's episode, we’re diving into a concerning and highly consequential topic: the Volt Typhoon espionage campaign—an advanced persistent threat that has sent shockwaves through the cybersecurity and telecommunications industries. Volt Typhoon, a state-backed APT group, has been making headli…

1
It's the 35th anniversary of ransomware - let's talk about the major shifts and changes 23:28

7M ago23:28

23:28

Ransomware is 35 years old this month, which isn't exactly something to celebrate. But in any case, do join Hazel and special guest Martin Lee to discuss what happened in the very first ransomware incident in December 1989 and why IT "wasn't ready". They then discuss how ransomware evolved to become the criminal entity it is today, which involves l…