Podcasts

So You Wanna Be an Incident Commander? Meet Alex Ryan

We welcome new Talos teammate and incident commander Alex Ryan to the pod this week. Bill, Joe and Hazel chat with Alex about what it really takes to lead through the chaos of a cybersecurity incident, from coordinating stressed-out teams, fielding exec questions, and making sure people eat.

Much to Bill's dismay, we have something resembling a "format" for this episode, and we start by breaking down the week's security news, including:

• The SharePoint zero-day exploit (“ToolShell”) and what defenders should do now. Here's the Talos blog we mention https://blog.talosintelligence.com/toolshell-affecting-sharepoint-servers/
• An AI assistant gone rogue — and how a consultant lost thousands of databases in his sleep.
• Everything Talos has got going on at Black Hat

We then ask Alex more about her career story, including what it’s like breaking into security from a philosophy degree. We also have some honest talk about making mistakes, women in cyber, and why we need to keep mid-career women in tech. 

Want to meet Talos at Black Hat? Come find us at the Cisco booth, play Backdoors & Breaches over lunch with us, and hear the latest threat research. More details in this blog https://blog.talosintelligence.com/cisco-talos-at-black-hat-2025-briefings-booth-talks-and-what-to-expect/

Breaking Down Chaos: Tactics and Origins of a New RaaS Operation

Hazel is joined by threat intelligence researcher James Nutland to discuss Cisco Talos’ latest findings on the newly emerged Chaos ransomware group. Based on real-world incident response engagements, James breaks down Chaos’ fast, multi-threaded encryption, their use of social engineering and remote access tools like Quick Assist, and the group’s likely connections to former BlackSuit operators. James also shares what defenders should be watching for and how to stay ahead of evolving ransomware tactics.

Read the full research blog: https://blog.talosintelligence.com/new-chaos-ransomware