Listen to Talos security experts as they bring their hot takes on current security topics and Talos research to the table. Along the way Lurene, Matt, and Mitch and a rotating chair of special guests will talk about anything (and we mean anything) that's on their minds, from the latest YouTube trends to Olympic curling etiquette. New episodes every other Thursday.

  • Beers With Talos

    Patch After Listening, RDP and Wild 0-days

    Recorded 5/24/19 - There is another Blue(x) to talk about and guess what? YES, YOU STILL NEED TO PATCH. We talk about RDP, the source of this vuln, and whether or not exploits exist for it (hint: they do). There is a quick look back at last year on the anniversary of VPNFilter, and we also tackle 0-days again through the lens of Project Zero’s timeline of 0-days found in the wild.

    Also, Craig hasn’t seen the end of John Wick 3 yet, so feel free to tweet him spoilers. If you are in San Diego for Cisco Live, come find us to see a live recording of the podcast!

    Full show notes on the Talos blog

    Download
    Run Time: 00:53:56

    Keywords
    • talos
    • security
    • RDP
    • 0-day
    • zero day
    • BlueKeep

  • Beers With Talos

    Shiny Happy Election Security (And Ninjas)

    Recorded 5/10/19 - Election security has been a dominant headline for some time, so it’s high time we take a look at what that landscape looks like - where we are today, and how we got there in the first place (hint: there were deeper unintended consequences than Shiny Happy People on REM’s “Out of Time” album). We anticipate gathering some first-time listeners due to the topic of this podcast… to you we say welcome - and yes, it’s always like this. Matt kicks us off today discussing the greatest nerd rock band of all time - Ninja Sex Party. If you haven’t heard of them, you are in the wrong and should fix that quickly. Full show notes on the Talos blog

    Download
    Run Time: 01:00:52

    Keywords
    • talos
    • security
    • election security
    • voting
    • ninja sex party

  • Beers With Talos

    I Don’t Trust You Because I Care

    Recorded 4/26/19 - Since Craig decided to skip the podcast today, we decided to invite one of Austin’s top actual security experts, Wendy Nather, to stop by. After Mitch is done being a fanboy, Wendy breaks down zero-trust, beyond the marketing story of a world without a perimeter. We spend most of the time discussing what zero trust looks like as security model and how it can be implemented in the real world. We also dive into usability and “good enough” security. Full show notes available on the Talos blog

    Download
    Run Time: 00:59:19

    Keywords
    • talos
    • security
    • zero trust
    • mfa
    • wendy nather

  • Beers With Talos

    Sea Turtles Yeeting Packets

    Recorded 4/12/19 - Today we rip through a few other things to spend most of our time discussing Sea Turtle - the latest DNS hijacking campaign uncovered by Talos. Also, Joel causes the biggest blockchain outburst in some time. Special thanks for today’s podcast goes to Danny Adamantis, Talos researcher on the Sea Turtle campaign. Danny was going to be with us today, but experienced some technical issues that prevented that from happening. RIP Danny’s mic 4-12-19. Full show notes on the Talos blog

    Download
    Run Time: 01:01:19

    Keywords
    • talos
    • security
    • DNS
    • hijacking
    • sea turtle

  • Beers With Talos

    Operating Under the Cover of… Nothing

    Recorded 3/29/19 - Matt and Joel are both on the road this week, and Omar Santos from Cisco PSIRT joins the crew to discuss malware posing as ransomware and defending against supply chain attacks. We go deeper on the Talos story exposing criminal groups operating in the open on social media platforms like Facebook - and the implications of criminal groups leveraging social networking. Facebook has removed the disclosed groups, so we discuss the best-effort ways to play whack-a-mole with bad guys on the open web. Full show notes on the Talos blog

    Download
    Run Time: 01:00:19

    Keywords
    • talos
    • security
    • supply chain
    • facebook
    • asus

  • Beers With Talos

    POS Malware, RSA Highlights, and SOL OpSec Fails

    Recorded 3/15/19 - We recorded this after coming back from RSA, with some on-location highlights included! This EP opens a bit more thought provoking than we typically do, and we move toward discussing POS malware, like Glitch. After the RSA highlights, we discuss OpSec fails, and Nigel becomes a Burning Man convert after learning there are people there on drugs with rockets that he watch for funsies. Full show notes on the Talos blog

    Download
    Run Time: 00:57:45

    Keywords
    • talos
    • security
    • POS
    • RSA
    • OpSec

  • Beers With Talos

    Loaders or Trojans, and RSA preview

    Recorded 3/1/19 - This is a super short EP - we are trying to get it our for RSA and Matt is MIA today. We are covering the basics of loaders (and the difference between loaders and trojans). We also talk about some RSA activities we have coming at RSA!!Full show notes on the Talos blog.

    Download
    Run Time: 00:32:00

    Keywords
    • talos
    • security
    • trojan
    • loader
    • RSA

  • Beers With Talos

    Privacy, Underwear, and Arias

    Recorded 2/15/19 - We are joined by special guest Michelle Dennedy, VP and Chief Privacy Officer at Cisco. This is a long EP that is worth every minute - covering everything from the modern privacy landscape, privacy as a fundamental human right, and all the ways you didn’t know underwear can protect you. We were a bit concerned about having a VP on, but after Michelle knocked us around a bit we figured out what was up… however, if this is the last EP you see listed, I think we all know what happened. Full show notes on the Talos blog

    Download
    Run Time: 01:27:31

    Keywords
    • talos
    • security
    • privacy
    • michelle dennedy

  • Beers With Talos

    Privacy Pwnd: ExileRAT and Collecting Bad Karma

    Recorded 2/1/19 - Today we discuss threats that bridge the gap between violating privacy and classic cybersecurity threats - malware and systems that are tracking voices of dissent and using their own devices as recon tools against them. The two cases cited in this EP are ExileRAT, a trojan delivered via malicious Office docs targeting supporters of the Tibetan government-in-exile; and Karma, a zero-touch toolkit used by at least one nation-state to remotely surveil essentially all the valuable data in their targets iPhones. We are going to continue this topic on the next episode as we continue to dig deeper into the idea of privacy as a fundamental human right with a very special guest (hint: it’s Michelle Dennedy) so make sure to catch the next EP as well.
    Full show notes on the Talos Blog

    Download
    Run Time: 00:48:04

    Keywords
    • talos
    • security
    • privacy
    • karma
    • ExileRAT

  • Beers With Talos

    SoHo Attacks, IoT Devices, and the Cesspool Setting

    Recorded 1/18/19 - We have a extended roundtable today (even more than usual) because we accidentally discussed some relevant security topics in the meantime. Eventually, we move on to talk about recent releases, primarily the Pylocky decryptor and more IoT vulnerabilities. We move on to discuss what’s going on in the SoHo device space, with some specific advice and a lot of rage. This EP closes out discussing the release of Holger’s DDR plug-in (download available) and reminding everyone of the TTRS CFP (closing soon!)Full show notes on the Talos blog

    Download
    Run Time: 01:05:11

    Keywords
    • talos
    • security
    • DDR
    • IoT
    • SoHo
    • TTRS
    • Talos Summit