Nick Biasini
@infosec_nick
Followers: 2K | Following: 964 | Media: 182 | Statuses: 1K
Head of Outreach at Cisco Talos. These are my views, not my employer's. @[email protected]
Austin, TX
Joined January 2015
For this week's episode of Talos Takes, we got together a panel to discuss the major takeaways from #BHUSA and #DEFCON, including all the talk around #AI @nohackme @ImmortanJo3 @infosec_nick
https://t.co/Pzqd9o66GK
Next week at #BHUSA - Join @infosec_nick from @TalosSecurity for a threat briefing with insights and mitigation strategies related to identity attacks, zero-day exploits, #ransomware, and infostealer #malware ➡️ https://t.co/YyN4vEwIrg 📆 August 7 ⏰ 2:35pm 📍 Mandalay Bay I
🎙️ In @TalosSecurity's first episode of Talos Threat Perspective (TTP), @infosec_nick & James Nutland reveal new #ransomware trends & identity vulnerabilities. See how Cisco's User Protection Suite protects against these threats in today's #security blog:
blogs.cisco.com
Discover Talos' first episode of Talos Threat Perspective and how Cisco’s User Protection Suite can provide a layered approach to security.
Latest from our team. #Turla targeting NGOs supporting Ukraine. Full details 👇
The #Turla APT is back with a new backdoor, very similar to its previous "TinyTurla" tool. Read more about what this Russian state-sponsored actor is up to now https://t.co/5gADXtEIn8
One of, if not the biggest issue, with the mercenary spyware / PSOA space is the lack of sharing of actionable intelligence and IOCs. Until we fix it, it's not going to get any better. We need to shine a light on how this technology works.
"There is almost zero data being shared across the industry on this particular threat, and that is a massive problem," @TalosSecurity @infosec_nick said. The #spyware business is booming despite government crackdowns https://t.co/erJsnsO628 via @theregister
Our 2023 Year in Review report is live now! Check out our never-before-seen data on attacker trends, the most popular malware of the past year, and breakdowns on specific state-sponsored actors https://t.co/AQOIK0kZmA
The Nick Biasini episode is live and it's a good one! https://t.co/qMbsvjMIks <-- sponsored by @binarly_io
securityconversations.com
Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Nick Biasini has been working in information security for nearly two decades. In his current role as head of […]
Coming up next on the podcast: - Nick Biasini, researcher, Cisco Talos Intelligence Group @infosec_nick - Seth Spergel, managing partner, Merlin Ventures @MerlinVentures - Dan Lorenc, co-founder and CEO, Chainguard @lorenc_dan Subscribe at https://t.co/4eJUwb73Pa
Great conversation, hope to be able to do it again soon. Thanks @ryanaraine, as always.
🔥NEW podcast advisory: @TalosSecurity researcher Nick Biasini on the cryptic world of threat actor attribution, the rise of PSOAs (private sector offensive actors) and why network edge devices are a happy hunting ground for attackers @infosec_nick
https://t.co/qMbsvjNga0
Latest research from our team. Great work as always uncovering the network of dating apps that are seemingly related in addition to the overtly malicious apps we found. #AridViper
We're releasing details of a threat actor called #AridViper targeting users in the #MiddleEast with #spyware. Although it is likely based out of Gaza, Talos has no evidence indicating or refuting this campaign is related in any way to the Israel-Hamas war. https://t.co/C0gGe08v6e
Talos assesses with high confidence that the #YoroTrooper threat actor likely consists of individuals from Kazakhstan. But that hasn't stopped them from covering their tracks and disguising their origins. More on this threat actor in our latest blog https://t.co/K2xIhDkaWg
An actor we're calling "ShroudedSnooper" is actively targeting telecommunications companies in the Middle East using a previously undiscovered #malware family. More details on this threat and how users can stay protected https://t.co/km18Gv3Jjx
More great work from the team on recent #Lazarus activity. Check it out 👇
#NorthKorea's Lazarus Group is back again, this time with two new remote access trojans. The attacker continues to use the same infrastructure, but is changing up their eventual payloads. More here:
Another talk in the business hall at #BHUSA this year. Come say hi and learn about XDR.
Planning your visit to #BHUSA? 🎩 📆 Don't miss our session on August 9 at 11:30am PT with VP, AJ Shipley and @TalosSecurity's @infosec_nick to learn more about how #XDR offers a solution that can provide an advantage! 💻 Register here: https://t.co/Pi3LxXhNyJ
@BlackHatEvents
"This decision shows the will and action by the Biden administration against those that have shown willingness to abuse these technologies." @infosec_nick Security Industry Mulls Spyware ‘Whack-A-Mole’ Problem https://t.co/x3XIpk12QS
#decipher #deciphersec
We just published new research on an adversary conducting several campaigns against government entities, military organizations and civilian users in #Ukraine and #Poland. These campaigns primarily start with #spam emails and malicious Office attachments https://t.co/zlfMRpNmtj
Latest from our team. Great research from @g0jirasan. Check out the follow up blog on additional malicious activity as well -
blog.talosintelligence.com
Cisco Talos has identified multiple versions of an undocumented malicious driver named “RedDriver,” a driver-based browser hijacker that uses the Windows Filtering Platform (WFP) to intercept browser...
We recently saw threat actors exploiting a #Windows policy loophole that allows the signing and loading of cross-signed kernel-mode drivers with older signature timestamps. #Microsoft just released an advisory on this activity, but more on our blog here: https://t.co/tNNzIlPQnc
Latest blog I worked on with Talos Incident Response. Vendor and contractor account abuse is a pervasive form of supply chain attack that organizations need to account and prepare for, details and recommendations. 👇
Adversaries are increasingly using compromised third-party accounts to infiltrate the software supply chain. We have more on this threat and the trends around vendor account compromise over on the Talos blog https://t.co/qr1jg1RoZB
This week's episode of Talos Takes covers the #Predator spyware and the rise of "mercenary" groups. This is a quick overview of why spyware is so dangerous and what we recently learned about the Predator tool specifically https://t.co/8vrXioPq6l
Talos researchers recently discovered a new #botnet called #Horabot that can completely take over targeted users' Outlook mailbox, even using the target's contact list to send more spam https://t.co/YHD8gOBzua