Beers with Talos Podcasts || Cisco Talos Intelligence Group

Listen to Talos security experts as they bring their hot takes on current security topics and Talos research to the table. Along the way Lurene, Matt, and Mitch and a rotating chair of special guests will talk about anything (and we mean anything) that's on their minds, from the latest YouTube trends to Olympic curling etiquette. New episodes every other Thursday.

Beers With Talos
The intricacies of cyber conflict in Ukraine

At the onset of Russia's invasion of Ukraine, many experts and government officials expected there to be two fronts of the war — one on the ground in Ukraine and one in cyberspace. But all things considered, we haven't seen as much offensive cyber warfare come from either side of this conflict this year. J.J. Cummings from Talos Threat Intelligence and Interdiction joins the show again to share his experience from working hands-on with networks in Ukraine. He, Lurene, Mitch and Matt discuss why there haven't been as many offensive attacks as we were expecting, or if they're just happening in the background and no one's talking about it.

Other suggested talking points include:
What is the "Texas" of other continents?
Drama inside the Conti ransomware gang.
Why Matt definitely doesn't spend too much time on Twitter.
How sad should we be about the Queen of England dying?
Some helpful links:
HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine from SentinelOne
AcidRain | A Modem Wiper Rains Down on Europe from SentinelOne
Translated: Talos' insights from the recently leaked Conti ransomware playbook
Victoria & Albert Museum in Discussions to Return Artifacts to Ghana
Ukraine Independence Day: Talos update
Your browser does not support the audio element. Download
Run Time: 00:58:24

Keywords
Beers With Talos
A(nother) new host approaches!

We're excited to add to the growing Beers with Talos family with the addition of Lurene Grenier to the squad. Lurene joins her first episode and hits the ground running talking about her current role within Talos. She, Mitch and Matt talk about the major differences between exploit development and vulnerability discovery, and how Lurene started her career in exploit development. While exploit development might sound like the stereotypical thing a "basement hacker" does, it's actually very important to the security arena and something a hobbyist can easily turn into a career.

Other talking points:
Unsolicited marketing advice for Pennsylvania government agencies.
Dunking on the Tampa Bay Rays.
Why Lurene is always right.
$8 million worth of exploit development for Apple products.
Your browser does not support the audio element. Download
Run Time: 01:00:24

Keywords
Beers With Talos

Beers with Talos Ep. #107: Sailing the high seas in search of privateer groups

You’re not going to believe this, but everyone actually agreed on something in this episode. And no, it’s not regarding the best flavor of beef jerky. In this episode, we discuss a new category of threat actors that we’re choosing to call privateers. The guys discuss why this classification is much needed in the security community, the previous research on this topic, and the ways private security firms can partner with public intelligence agencies to protect against this type of threat. You can find complete show notes and links over on the Talos blog.
Your browser does not support the audio element. Download
Run Time: 00:39:35

Keywords
- Beers with Talos
- privateers
- ransomware
- APTs
Beers With Talos

Is More than Executive Action in Order?

Recorded May 11, 2020 – Craig wins MVP of the podcast for his attempts to avoid discussing… something. Anyway, we went a little long on this podcast, but stick with us as we wind through the recent Executive Order on cybersecurity, and then discuss another… interesting take on how we should then combat these new threats. I feel almost obligated to let you know before you listen, it’s a letter of marque take, and oddly, we all agreed on something.Full show notes on the Talos blog
Your browser does not support the audio element. Download
Run Time: 00:50:09

Keywords
- talos
- security
- executive order
- letter of marque
Beers With Talos

Beers with Talos Ep. #122: LIVE and in living color from RSA

We recorded this special episode live and actually in person last week at the RSA Conference, and we have a special treat for the listeners. The ever-elusive Matt Watchinski, Talos’ fearless leader, joins the show. We mainly spend some time talking about Talos’ work defending Ukraine during the invasion of Russia. Tomorrow, be on the lookout for a more laid-back podcast in the Security Stories feed, because the BWT crew stuck around to record a special episode with them, too.
Your browser does not support the audio element. Download
Run Time: 00:40:54

Keywords
- Ukraine
- cyber attacks
- nation-state
- APTs
Beers With Talos

Beers with Talos Ep. #120: How attackers are finding new ways to bypass MFA

Our rotation of special guests continues on with Nate Pors from Talos Incident Response. Nate has been following several different attacks in which attackers bypassed multi-factor authentication with “prompt bombing” and other techniques. The crew discusses what the security community can do to make MFA safer and how to improve user education about using the technology. Plus, Matt gets an opportunity to eat some humble pie regarding the FBI and the removal of wireless router malware, so that’s always exciting.
Your browser does not support the audio element. Download
Run Time: 00:47:56

Keywords
- MFA
- multi-factor authentication
- Incident Response
Beers With Talos
Beers with Talos Ep. #118: Reacting to the current situation in Ukraine

This was admittedly a tough one to record. In the middle of us trying to respond to the situation in Ukraine, we felt it was important to let our listeners in a bit. Matt, JJ and Liz discuss the work they and their teams are doing in Ukraine to protect critical systems there and keep users online. We also talk about the human side of things, and why it’s important for folks in cybersecurity to think about self care during this time.

If you want to stay up to date on Talos’ work in Ukraine and our ongoing research about cybersecurity concerns in the region, continually check cs.co/TalosUA. Here are some additional links to Talos research and Cisco announcements:

Livestream with Cisco ThousandEyes, Cisco Secure and Cisco Talos
Spam campaigns leveraging Ukraine themes to spread malware, steal cryptocurrency
Cisco’s statement on standing with Ukraine
Your browser does not support the audio element. Download
Run Time: 00:41:10

Keywords
- Ukraine,cyberwar,cybersecurity,cyberattack,APTs
Beers With Talos

Beers with Talos Ep. #114: And then there were two...

(Uploaded again, this time with the correct music!) The OG Beers with Talos folks are dropping like flies, because now we also have to say goodbye to Joel! We know this has been quite the roller coaster for listeners, but we appreciate you all sticking with us through all these changes. We take some time in Joel’s farewell to discuss “Rent,” as only BWT could, and burnout in cybersecurity.
Your browser does not support the audio element. Download
Run Time: 00:54:50

Keywords
- cybersecurity
- people management
- security
- burnout
Beers With Talos

Beers with Talos Ep. #119: If it walks like a BlackCat, meows like a BlackCat...

We’re all still pretty exhausted from our work in Ukraine. But that hasn’t slowed down any of the threat actors, unfortunately. So we enlisted special guest Nick Biasini to dive into the BlackCat ransomware group to discuss how it potentially is or isn’t connected to BlackMatter/DarkSide. These ransomware-as-a-service groups surprisingly run like regular companies, and even have the same problems with employee retention! Plus, Matt and Liz provide updates on their work in helping to defend Ukrainian networks and organizations.

Other talking points:- How to pronounce the company “Nike”- Surprisingly safe-for-work videos on Omegle- Avoiding burnout when everything is on fire
Your browser does not support the audio element. Download
Run Time: 00:33:10

Keywords
- Ukraine
- ransomware
- ransomware-as-a-service
- threat actors
Beers With Talos

Beers with Talos Ep. #117: Talos' Big Game commercial about a month too late

We’re dropping two episodes today. This is undoubtedly the less serious of the two, as it was recorded prior to the invasion of Ukraine. Check out Ep. #118 for more on that situation. In this episode, though, we got to talk about Talos’ involvement at the Super Bowl. Mitch welcomes on Brett Ellis, who was at SoFi Stadium in Los Angeles to help defend “The Big Game,” of Talos Incident Response to discuss his experience. He, JJ and Liz talk about what goes into securing these major global events and talk about what it’s like to have to come in and handle someone else’s networking equipment and then parachute out. If you want to learn more about Talos and Cisco Secure at the Super Bowl, you can read Cisco’s announcement.
Your browser does not support the audio element. Download
Run Time: 00:43:12

Keywords
- Super Bowl
- NFL
- football
- Incident Response
- CTIR