In this episode of Talos Takes Hazel sits down with Talos' Bill Largent and Craig Jackson to discuss the latest Cisco Talos Incident Response Quarterly Trends Report (Q3 2025). From a wave of Toolshell events, to a rise in post-exploitation phishing, and the misuse of legitimate tools like Velociraptor, this quarter’s cases all point to a theme: attackers are getting very good at living off what’s already in your environment. Read the full report at https://blog.talosintelligence.com/ir-...
All content for Talos Takes is the property of Cisco Talos and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
In this episode of Talos Takes Hazel sits down with Talos' Bill Largent and Craig Jackson to discuss the latest Cisco Talos Incident Response Quarterly Trends Report (Q3 2025). From a wave of Toolshell events, to a rise in post-exploitation phishing, and the misuse of legitimate tools like Velociraptor, this quarter’s cases all point to a theme: attackers are getting very good at living off what’s already in your environment. Read the full report at https://blog.talosintelligence.com/ir-...
Inside the attack chain: A new methodology for tracking compartmentalized threats
Talos Takes
16 minutes
6 months ago
Inside the attack chain: A new methodology for tracking compartmentalized threats
Edmund Brumaghin joins Hazel to discuss how threat actors (including state sponsored attackers), are increasingly compartmentalizing their attacks i.e they're bringing in specialist skillsets from other groups to handle different aspects of the attack chain. Edmund discusses why this is happening, and the challenges this poses for defenders when it comes to attribution and reporting. He then discusses several solutions which seek to evolve traditional threat modelling, and help provide clarit...
Talos Takes
In this episode of Talos Takes Hazel sits down with Talos' Bill Largent and Craig Jackson to discuss the latest Cisco Talos Incident Response Quarterly Trends Report (Q3 2025). From a wave of Toolshell events, to a rise in post-exploitation phishing, and the misuse of legitimate tools like Velociraptor, this quarter’s cases all point to a theme: attackers are getting very good at living off what’s already in your environment. Read the full report at https://blog.talosintelligence.com/ir-...
