You Can't Patch Burnout: When Cybersecurity Takes a Toll
Every October, Cybersecurity Awareness Month brings a wave of tips: update your software, enable MFA, use strong passwords. But what good is any of that if the people behind the defenses are feeling burned out?In this episode of Talos Takes, Hazel sits down with Joe Marshall for a candid, vulnerable conversation about the human cost of cybersecurity. Joe opens up about his experience during the VPNFilter campaign — months of secrecy, long hours, immense pressure, and the trauma it left behind. Hazel shares her own journey with burnout, and together they talk about how to recognise the warning signs.They close with practical steps: building a personal “incident response playbook” that includes boundaries, peer support, and self-care. Because at the end of the day, you can’t patch a system if you're burned out.
--------
47:21
--------
47:21
Tampered Chef: When Malvertising Serves Up Infostealers
Imagine downloading a PDF Editor tool from the internet that works great...until nearly two months later, when it quietly steals your credentials. That’s the reality of “Tampered Chef,” a malvertising campaign that preyed on users searching for everyday software.In this episode, Nick Biasini explains how cybercriminals are investing in "malvertising", why enterprises are prime targets, and why there are additional challenges when it comes to defending against time-delayed attacks.
--------
11:22
--------
11:22
Inside the Black Hat NOC: Lessons in Securing One of the Wildest Networks
How do you build and defend a network where attacks are not just expected-they're part of the curriculum? In this episode, Hazel talks with Jessica Oppenheimer, Director of Security Operations at Cisco, about the ten years she's spent in the Black Hat Network Operations Center (NOC).Explore the technical challenges of segmenting and monitoring a network designed for experimentation, live hacking, and hands-on training, including how malicious and benign behaviors are distinguished in real time. Jessica shares how the NOC leverages Cisco technologies like the new machine learning-powered SnortML engine to detect zero-days, outliers, and advanced attack patterns that traditional rule sets miss.Learn how automation, contextual analysis, and collaborative response drive decision-making in this high-stakes environment, and how those lessons now influence security at global events like the Olympics and the Super Bowl.For more details, check out the Cisco blog wrap detailing all our Black Hat NOC activity https://blogs.cisco.com/security/bhusa-2025-noc
--------
23:05
--------
23:05
Breaking Down Chaos: Tactics and Origins of a New RaaS Operation
Hazel is joined by threat intelligence researcher James Nutland to discuss Cisco Talos’ latest findings on the newly emerged Chaos ransomware group. Based on real-world incident response engagements, James breaks down Chaos’ fast, multi-threaded encryption, their use of social engineering and remote access tools like Quick Assist, and the group’s likely connections to former BlackSuit operators. James also shares what defenders should be watching for and how to stay ahead of evolving ransomware tactics.Read the full research blog: https://blog.talosintelligence.com/new-chaos-ransomware
--------
15:33
--------
15:33
Why Attackers Love Your Remote Access Tools
Attackers are increasingly abusing the same remote access tools that IT teams rely on every day. In this episode, Hazel sits down with Talos security researcher Pierre Cadieux to unpack why these legitimate tools have become such an effective tactic for adversaries.Pierre explains how the flexibility, legitimacy, and built-in capabilities of remote access management tools make them ideal for attackers who want to stay under the radar. They discuss trends Talos Incident Response is seeing in the field, examples of commonly abused tools, and the challenges defenders face when trying to detect misuse.You'll also hear practical advice on what defenders and IT teams can do today to better secure their environments — and what the rise of remote access management tool abuse tells us about attacker behavior and the current state of cybercrime.Resources mentioned:Talos Incident Response Quarterly Trends ReportWhen Legitimate Tools Go Rogue (Talos Blog)
Every fortnight, host Hazel Burton brings on a new guest from Talos or the broader Cisco Security world to break down a complicated security topic. We cover everything from breaking news to attacker trends and emerging threats.
Netherlands