Listen to Talos security experts as they bring their hot takes on current security topics and Talos research to the table. Along the way, Mitch, Liz, Matt and a rotating chair of special guests will talk about anything (and we mean anything) that's on their minds, from the latest YouTube trends to Olympic curling etiquette. New episodes every other Thursday.

  • Beers With Talos
    2022-11-29

    I find your vulnerabilities offensive (and exploitable).

    We are (finally) talking about the recent OpenSSL vulnerability as we had to redo this EP.  In our infinite podcasting wisdom, we took a stab at it roughly 2 hours before the embargo expired and coverage was released - which is obviously is a very silly idea in hindsight.
    After we cover the current issue at hand, Lurene leads us through the surface levels of how vulns can be exploited in the heap or stack, and the different perspective and processes in practice by offensive security experts.  If you want to walk away with a new view of vulns and exploits, stay for the whole hour.

    Here is a great write up from DataDog on OpenSSL vulnerability CVE-2022-3602.

    Download
    Run Time: 01:00:21

    Keywords

  • Beers With Talos
    2022-10-26

    Im a skiddie, and you can too!

    Mitch was trying to preserve his voice, so Matt is driving the bus during this episode — hang on! In this edition, we're talking about script kiddies (unfortunately, not "kitties.") These are basically adversaries with an extreme base level of computer knowledge who use basic scripts to carry out cyber attacks. How can we avoid these attacks, even if they'll look like benign activity in your environment? 

    Download
    Run Time: 00:40:23

    Keywords

  • Beers With Talos
    2022-09-22

    The intricacies of cyber conflict in Ukraine

    At the onset of Russia's invasion of Ukraine, many experts and government officials expected there to be two fronts of the war — one on the ground in Ukraine and one in cyberspace. But all things considered, we haven't seen as much offensive cyber warfare come from either side of this conflict this year. J.J. Cummings from Talos Threat Intelligence and Interdiction joins the show again to share his experience from working hands-on with networks in Ukraine. He, Lurene, Mitch and Matt discuss why there haven't been as many offensive attacks as we were expecting, or if they're just happening in the background and no one's talking about it.

    Other suggested talking points include:

    • What is the "Texas" of other continents?
    • Drama inside the Conti ransomware gang.
    • Why Matt definitely doesn't spend too much time on Twitter.
    • How sad should we be about the Queen of England dying?

    Some helpful links:

    Download
    Run Time: 00:58:24

    Keywords

  • Beers With Talos
    2022-08-31

    A(nother) new host approaches!

    We're excited to add to the growing Beers with Talos family with the addition of Lurene Grenier to the squad. Lurene joins her first episode and hits the ground running talking about her current role within Talos. She, Mitch and Matt talk about the major differences between exploit development and vulnerability discovery, and how Lurene started her career in exploit development. While exploit development might sound like the stereotypical thing a "basement hacker" does, it's actually very important to the security arena and something a hobbyist can easily turn into a career. 

    Other talking points:

    • Unsolicited marketing advice for Pennsylvania government agencies.
    • Dunking on the Tampa Bay Rays.
    • Why Lurene is always right.
    • $8 million worth of exploit development for Apple products.
    Download
    Run Time: 01:00:24

    Keywords

  • Beers With Talos
    2022-08-12

    Is More than Executive Action in Order?

    Recorded May 11, 2020 – Craig wins MVP of the podcast for his attempts to avoid discussing… something. Anyway, we went a little long on this podcast, but stick with us as we wind through the recent Executive Order on cybersecurity, and then discuss another… interesting take on how we should then combat these new threats. I feel almost obligated to let you know before you listen, it’s a letter of marque take, and oddly, we all agreed on something.Full show notes on the Talos blog

    Download
    Run Time: 00:50:09

    Keywords
    • talos
    • security
    • executive order
    • letter of marque

  • Beers With Talos
    2022-08-12

    Beers with Talos Ep. #107: Sailing the high seas in search of privateer groups

    You’re not going to believe this, but everyone actually agreed on something in this episode. And no, it’s not regarding the best flavor of beef jerky. In this episode, we discuss a new category of threat actors that we’re choosing to call privateers. The guys discuss why this classification is much needed in the security community, the previous research on this topic, and the ways private security firms can partner with public intelligence agencies to protect against this type of threat. You can find complete show notes and links over on the Talos blog.

    Download
    Run Time: 00:39:35

    Keywords
    • Beers with Talos
    • privateers
    • ransomware
    • APTs

  • Beers With Talos
    2022-08-12

    Kaseya it ain't so

    Summer hacking, happened so fast….
    We’ve been trying to enjoy our summer, but supply chain attacks just had to go and ruin the fun. So Mitch got back from fishing and decided to pull the guys together to discuss the Kaseya supply chain attack. We cover this major event BWT-style, and talk phony patches, mitigation strategies, and unsolicited advice for Kaseya’s CISO. For more, you can also watch our recent live stream with Nick Biasini covering everything you need to know about this attack.
    Also, if you want more Beers with Talos (and you’re listening to this the day it’s released) join us over on the Cisco Twitter account on Thursday, Aug. 5 for a #TalosTakeover. We can’t believe they’re letting us do this, either.

    Download
    Run Time: 00:52:39

    Keywords
    • Kaseya
    • supply chain
    • ransomware
    • REvil

  • Beers With Talos
    2022-08-12

    Beers with Talos Ep. #109: We have not secured our society — Or, working out a conference talk in realtime

    Most of the Beers with Talos folks are refreshed after a summer vacation. But don’t assume that means they actually prepared for this episode. This is more of a free-flowing episode, where we discuss cyber conflict between nations — one of the many things that keep Matt up at night. They go back and forth discussing what a “cyber war” could actually look like, and what crosses the line into conflict versus traditional “hacktivism.”

    Download
    Run Time: 00:53:59

    Keywords
    • Apple watches
    • cyber war
    • hacking
    • state-sponsored

  • Beers With Talos
    2022-08-12

    Beers with Talos, Ep. #110: The 10 most-exploited vulnerabilities this year (You won't believe No. 6!)

    We mainly spend this episode doing some catching up because it’s been a while since we recorded. But on the actual, helpful, front, we discuss a recently released list of the vulnerabilities that are most often exploited in the wild, according to the U.S. Cybersecurity and Infrastructure Security Agency.

    It’s particularly interesting to compare the lists from 2020 and 2021 to see how threat actors have changed up their tactics and parse through all the information to tell you what you need to know. It’s also important to question these types of reports and how helpful they are to defenders.

    This is also a great episode for any Snort fans out there who are interested in the old days of writing rules for some Y2K-era malware.

    Download
    Run Time: 00:54:36

    Keywords
    • vulnerabilities
    • patching
    • vulnerability research
    • exploits
    • ransomware
    • Snort

  • Beers With Talos
    2022-08-12

    Beers with Talos Ep. #111: Saying farewell to Craig and his killer robots

    [Re-uploaded to fix an audio gap.] Yes, we’ve been sitting on this one for a while. But it’s worth it, we promise! We wanted to wait until we had more news to share, so it’s finally time to announce that Craig has left us. We will absolutely miss Craig, but look forward to the next act of Beers with Talos now that 2/5ths of the original crew is gone. We take the time to reminisce with Craig about his time at Talos and talk about this new trend of “bandwidth-sharing” applications. Stay tuned to BWT Ep. #112 where we’ll debut with a new host!

    Download
    Run Time: 00:47:10

    Keywords
    • Honeygain
    • internet sharing
    • malware
    • spam
    • scams