235 épisodes
- MFA and password resets aren't always enough.
That’s terrifying for security teams today. In this episode of Talos Takes, we dive deep into ARToken, a sophisticated phishing/BEC-as-a-service platform that steals credentials, bypasses MFA entirely, and leverages primary refresh tokens (PRTs) to maintain persistence in your environment long after a password reset. This turns a simple phishing click into a long-term breach.
It’s time to rethink your defenses. Join us as Cisco Talos Threat Researcher Michael Kelley breaks down how this new breed of automated attack works and, more importantly, how you can spot it. From hunting for suspicious device authorization grants to securing your cloud infrastructure, don't miss this critical look at the new frontier of business email compromise.
Blog: https://blog.talosintelligence.com/artoken-inside-an-eviltokens-affiliate-panel-targeting-microsoft-365/ - While the Component Object Model (COM) is a fundamental Windows technology that allows software to communicate and function, it's also a powerful tool for threat actors looking to move laterally, maintain persistence, and evade traditional security measures.
Joining us is Vanya Svajcer, who shares his expertise on how to cut through the noise and identify malicious signals within COM-based binaries. Whether you are a seasoned researcher or just starting your journey into reverse engineering and malware analysis, here's some practical advice on how to start hunting for COM-based threats and making your next investigation a little more effective.
Vanja's blog: https://blog.talosintelligence.com/introduction-to-com-usage-by-windows-threats - If you're tired of being told to "just patch," we understand. The threat landscape is evolving at breakneck speed, with AI-driven tools enabling adversaries to uncover and exploit vulnerabilities before defenders even know they exist. In this episode of Talos Takes, Amy sits down with Threat Intelligence Lead Pierre Cadieux to discuss how to defend against these unknown threats. We move past the simplified advice of "just patch everything" to explore the logistical, technical, and business realities that make patching a complex, high-stakes operation rather than a simple button click.
From the necessity of testing your patches to the importance of building strong partnerships between security teams and business leadership, this episode breaks down the things defenders often miss that build true resilience in organizations. When synthetic logs don’t lie: Generating coherent attack stories for better detection
03/06/2026 | 19 minAre your detection rules failing because your test data lacks the nuance of a real-world network? In this episode of Talos Takes, Amy sits down with David Bianco to discuss why traditional synthetic data often falls short and how his new open-source project, EvidenceForge, is changing the game.
Synthetic datasets often look like telemetry but lack the critical causal links and realistic background noise that define actual adversary activity. EvidenceForge solves this by creating data that tells a coherent, causal story. From simulating complex attack chains to modeling realistic, "bursty" human behavior, this tool helps threat hunters and detection engineers to sharpen their skills with reproducible, high-quality telemetry.
EvidenceForge blog: https://blog.talosintelligence.com/introducing-evidenceforge-synthetic-security-logs-that-dont-look-as-fake/
PEAK Threat Hunting Assistant episode: https://www.buzzsprout.com/2018149/episodes/18825324- In this episode of Talos Takes, Amy Ciminnisi sits down with researcher Diana Brown to discuss the rise of "platform-as-a-proxy" (PAP) attacks. We explore how threat actors are weaponizing legitimate SaaS platforms like GitHub and Jira to deliver phishing campaigns that bypass traditional security filters. By leveraging the platforms' own infrastructure to send authenticated emails, attackers are exploiting the inherent trust employees place in these essential business tools. We break down the mechanics of these campaigns and provide actionable strategies for security teams to move beyond binary trust and implement contextual awareness to better protect their organizations.
Blog: https://blog.talosintelligence.com/weaponizing-saas-notification-pipelines/
Plus de podcasts Technologies
Podcasts tendance de Technologies
À propos de Talos Takes
Every two weeks, host Amy Ciminnisi brings on a new guest from Talos or the broader Cisco Security world to break down a complicated security topic. We cover everything from breaking news to attacker trends and emerging threats.
Site web du podcastÉcoutez Talos Takes, Comptoir IA 🎙️🧠🤖 ou d'autres podcasts du monde entier - avec l'app de radio.fr

Obtenez l’app radio.fr gratuite
- Ajout de radios et podcasts en favoris
- Diffusion via Wi-Fi ou Bluetooth
- Carplay & Android Auto compatibles
- Et encore plus de fonctionnalités
Obtenez l’app radio.fr gratuite
- Ajout de radios et podcasts en favoris
- Diffusion via Wi-Fi ou Bluetooth
- Carplay & Android Auto compatibles
- Et encore plus de fonctionnalités


Talos Takes
Scannez le code,
Téléchargez l’app,
Écoutez.
Téléchargez l’app,
Écoutez.
Talos Takes: Podcasts du groupe





































