Welcome to the party, pal!
In the last newsletter of the year, Thorsten recalls his tech-savvy gift to his family and how we can all incorporate cybersecurity protections this holiday season.
Something to Read When You Are On Call and Everyone Else is at the Office Party
Its mid-December, if you’re on-call or working to defend networks, this newsletter is for you. Martin discusses the widening gap between threat and defences as well as the growing problem of home devices being recruited to act as proxy servers for criminals.
The adventures of an extroverted cyber nerd and the people Talos helps to fight the good fight
Ever wonder what an extroverted strategy security nerd does? Wonder no longer! This week, Joe pontificates on his journey at Talos, and then is inspired by the people he gets to meet and help.
Bidirectional communication via polyrhythms and shuffles: Without Jon the beat must go on
The Threat Source Newsletter is back! William Largent discusses bidirectional communication in the SOC, and highlights new Talos research including the discovery of PXA Stealers.
What I’ve learned in my first 7-ish years in cybersecurity
Plus, a zero-day vulnerability in Qualcomm chips, exposed health care devices, and the latest on the Salt Typhoon threat actor.
What NIST’s latest password standards mean, and why the old ones weren’t working
Rather than setting a regular cadence for changing passwords, users only need to change their passwords if there is evidence of a breach.
CISA is warning us (again) about the threat to critical infrastructure networks
Despite what lessons we thought we learned from Colonial Pipeline, none of those lessons have been able to be put into practice.
Are hardware supply chain attacks “cyber attacks?”
It shouldn’t just be viewed as a cybersecurity issue, because for a hardware supply chain attack, an adversary would likely need to physically infiltrate or tamper with the manufacturing process.
Talk of election security is good, but we still need more money to solve the problem
This year, Congress only allocated $55 million in federal grant dollars to states for security and other election improvements.