Beers with Talos Podcast
Beers with Talos
Threats, Beers, and No Silver Bullets. Listen to Talos security experts as they dive into emerging threats, forcing the bad guys to innovate, hacking refrigerators, and other security issues, all with beer.
Semper Vigilantes - Strategic Defense in a Cyber ConflictJan 16, 2020 49:50
Description:Recorded 1/6/20 - There is a looming cyber conflict on the horizon between the US and Iran. We use all our time this week to discuss the situation at hand and take a hard look at what you should have already done foundationally. The crew offers insight and analysis of what nation-state cyber conflict looks like and what you can do to elevate your security strategy to the next level in an uncertain time of increased suspicion. Full show notes on the [Talos blog](https://blog.talosintelligence.com/2020/01/beers-with-talos-ep-70-semper.html)
2019 Threat Recap - RATs, Turtles, and Worms!Jan 6, 2020 39:23
Description:Recorded 12/20/19 - In a shorter year-end EP, we take a look back and a look forward. It seems everyone else wants to break out the crystal ball this time of year and prognosticate the coming year’s threat landscape. We don’t have one of those, so we used a Magic 8-ball, but we’re pretty confident the results are as-good or better. However, most of the EP is dedicated to going through the notable security events of the past year. We take a look at the lasting effects and lessons learned from 2019’s biggest threats. Full show notes [on the Talos blog](https://blog.talosintelligence.com/2020/01/beers-with-talos-ep-69-2019-threat.html)
Talos Takes Ep. #3: The basics of malvertisingDec 17, 2019 6:14
Description:In episode 3 of Talos Takes, Nick Biasini and Earl Carter give walk through malvertising 101. Why should you be worried about it? Why are there so many malicious ads online? What is the online advertising market like?
Talos Takes Ep. #2: How to keep your fancy new IoT toy secureDec 17, 2019 5:00
Description:So you just got a new smart home assistant for Christmas. Now what? On episode #2 of Talos Takes, Nick Biasini and Earl Carter tell you how to keep your new smart device secure. From doorbells to refrigerators, it seems like everything has to be connected to the internet now. Here are the best practices for patching, settings and more.
Talos Takes Ep. #1: How to avoid common holiday shopping scamsDec 17, 2019 4:27
Description:Welcome to the first-ever episode of Talos Takes. In each episode, our researches and analysts will put the Talos spin on the hottest news in security. We're starting out with how to avoid common holiday shopping scams. When is a deal too good to be true? Is it actually safer to use payment services like Google Pay and Apple Pay?
Takes from Talos on IoT (and the NEW “Talos Takes” podcast announced!)Dec 17, 2019 44:05
Description:Recorded 12/9/19 - *We have a big announcement to make today! Check your feed for a few Ep’s of a new podcast from Talos - “Talos Takes”.* On this Ep of BWT, we welcome Joe Marshall to the table - Joe is a Talos ICS/IoT tech lead and he stops by to discuss issues in the IoT space - macro and micro, from both the vendor and user perspectives. Check out the crew’s advice on staying secure in this IoT gift giving season. We will see you in the new year, and thanks for listening in 2019. Merry Christmas and Happy Holidays to all!!! Full show notes on the [Talos blog](https://blog.talosintelligence.com/2019/12/beers-with-talos-ep-68-takes-from-talos.html)
Inside Incident ResponseDec 9, 2019 56:10
Description:Craig is out sick/injured/fighting robots (actually all three), so we brought in Sean Mason from Talos IR to talk shop today and give you the inside scoop on IR (and Sean’s next-level beard care regimen). How do incidents affect the enterprise and consumers? How has the advent of widespread ransomware fundamentally shifted the burden of responsibility in the c-suite and what have been the outcomes? What does a responder have in the bag when they arrive on-site? Full show notes on the [Talos blog](https://blog.talosintelligence.com/2019/12/beers-with-talos-ep-67-inside-incident.html)
I Choose YOU! Attackers view of targets, RLAs, and scam seasonNov 20, 2019 46:15
Description:Recorded 11/8/19 - Joel is out on PTO, so Mitch, Matt, Nigel, and Craig carry the banner this EP discussing how attackers approach targets like investors looks at portfolio. We also talk about how the most recent off-cycle elections in the US give us a glimpse of improvements and changes in election security. Finally, we take a quick look at popular scams and how attackers use seasonality to increase the relevance of their scam for emotional response. Full notes on the [Talos Blog](https://blog.talosintelligence.com/2019/11/beers-with-talos-ep-66-i-choose-you.html)
Please Welcome to the Show… Talos Incident ResponseNov 5, 2019 53:57
Description:Recorded 10/25/19 - Today is a bit different. We normally keep things pretty neutral on this show (not really), but today is all about the new service Talos is launching - say hello to Talos Incident Response. Amy Henderson from the Talos Intel and Interdiction group joins us as we discuss the full circle of threat intelligence - from global visibility to hyper local context, and how IR allows those feed each other to the improvement of both. Listen to the announcement as we discuss what IR is, what it means in general, and what Talos brings to that equation. We hope you are half as excited as we are, because that is still pretty dang excited. Lastly, Craig isn’t with us today, but you get to decide his fate for being dishonest with you, dear listeners. We will deliver you justice. Full show notes - and more in-depth info [on the Talos blog](https://blog.talosintelligence.com/2019/11/beers-with-talos-ep-65-please-welcome.html)
Your Problem Isn’t Complex, Its Simply ComplexityOct 25, 2019 56:29
Description:Recorded 10/10/19 - This EP lives up to it’s name, by trying to only take on a minimal topic and then becoming completely convoluted. We start of with an extended round table (I even cut like half of it out) and then start talking about the trials and tribulations of making things too complex - from software to network design. If the devil is in the details, then the danger is in there being too many of them. We take two simple examples - PDF readers and a trip to the doctors office - and look at how the complexity jammed into the tech around these two things is where things become disturbingly dangerous. Full show notes [on the Talos blog](https://blog.talosintelligence.com/2019/10/beers-with-talos-ep-64-your-problem.html)
The Third Law of ThermodynamicsOct 11, 2019 57:24
Description:Recorded 9/27/19 - We are down Matt and Joel today, so Mitch, Craig, and Nigel are taking you through this EP. We cover some recent posts from Talos with Divergent and Tortoiseshell. Turns out, people get a bit excited when you target US veterans with malware - even other malware authors thinks that’s scummy. That takes us into a chat about social engineering in general and we end up talking about some interesting stuff with unpatchable vulns and why deleting /var on install could be described as a bad idea for a Chrome update. Full show notes on the [Talos blog](https://blog.talosintelligence.com/2019/10/beers-with-talos-ep-63-third-law-of.html)
Fifty Shades of ShadySep 26, 2019 54:01
Description:Recorded 9/13/19 - In one of our rantier episodes of late, the BWT crew dives into the ongoing insidiousness that is cryptomining with Watchbog, and then we turn our attention to some idiot that thinks charging people $50 to bypass MFA on their own machines is a swell idea, because nothing bad can happen there, right? RIGHT?! Finally, we take a look at some recent breaches and the trend of attempting to downplay the severity of a breach because the data ex-fil wasn’t “vital or important”. Again, what can go wrong with that line of thinking? This is fine. Everything is just fine. Security is solved, we can go home now. Full show notes on the [Talos blog](https://blog.talosintelligence.com/2019/09/beers-with-talos-ep-62-fifty-shades-of.html)
Hacking for Good is a Bad IdeaSep 11, 2019 1:07:42
Description:Recorded 8/30/19 - In this extra-sized EP, we cover a lot - starting with Retadup, and discussing the intricate workings of why it’s a bead idea to execute code on other computers without permission when you have no idea what that computer is doing. WannaCry is making some headlines again, but this time it isn’t WannaCry and frankly it’s not news. From the mobile ecosystem os battleground, Google’s Project0 announced several vulns in iOS that have been discovered being exploited in the wild, with some of the exploit chains leveraging 0-day. Most important development of the week is that journalists are now quoting Matt of his Twitter timeline and this is certain to end well. Full show notes available [on the Talos blog](https://blog.talosintelligence.com/2019/09/beers-with-talos-ep-61-hacking-for-good.html)
Summer Camp Flashbacks and Defining Your IntelAug 30, 2019 1:09:40
Description:Recorded 8/16/19 - The understatement of the day would be the guys were in some kind of mood today... There is no explaining the way they are sometimes. We ended up discussing a lot of the awesome things that went on at Blackhat and DEFCON… like the time Matt and Mitch got ejected from the Aviation Village for recognizing the prowess of the greatest plane ever built. BRRRRRRT. And also the time Joel ejected himself from the Cisco party. Deeper in the EP we get into threat intelligence – what is it, how to find the intel you need, and how to leverage it to create value. Full show notes on the [Talos blog](https://blog.talosintelligence.com/2019/08/beers-with-talos-ep-60-summer-camp.html)
The Tardy EpisodeAug 16, 2019 53:13
Description:Recorded 8/2/19 - Yes, I know what today’s date is. We got really busy last week and I am sorry that the podcast is late. Really, I wish I wasn’t writing these notes at 12:#0r4-j3pofw…. What? Anyway, we talk about malvertising and dig into that ecosystem a bit looking at some of the competing priorities (hint: none of them are your privacy). We also discuss BlueKeep making its debut in Canvas and surely soon to follow in other fine pen testing platforms. We use that opportunity to review a little bit of RDP knowledge and defense. We’re recording again tomorrow and I really don’t want to hear what my co-hosts will say if this isn’t out by then, so I’m going to go hit publish now. Full show notes on the [Talos blog](https://blog.talosintelligence.com/2019/08/beers-with-talos-ep-59-tardy-episode.html)
Defending Democracy and Doing DEFCONJul 24, 2019 1:12:50
Description:Recorded 7/19/19 - Wow, we packed a lot in this one: election security, burner phones, social app ToS, and maybe the worst opsec of all time - of course, Nigel blames Canada for all of it. Fair warning, this EP set a new record for beeps and train horns, so you have been warned. We primarily take a look at how an attacker would see disrupting democracy (and not in the cool startup way) by looking at the available attack surface with their intentions in mind. We also lay out some cases where burner devices make sense and where they might not. We close up with some helpful tips to enjoy a massive con like BlackHat or DEFCON. But seriously, that was a lot of beeps. Full show notes on the [Talos blog](https://blog.talosintelligence.com/2019/07/beers-with-talos-ep-58-defending.html)
It’s a Business Decision, Not Rocket ScienceJul 18, 2019 53:56
Description:Recorded 7/8/19 - Matt skipped today’s podcast in favor of a meeting - for real. The rest of the crew carried on to discuss a few of this week’s hot button issues - municipalities paying (or not paying) the ransom, NASA JPL reporting APT breached their network via a rouge Pi (in true Mr. Robot fashion), and looking at rouge devices in general. Next EP will be our last before Black Hat and DEFCON, so tune in to find out where you can find Talos! Full show notes on the [Talos blog](https://blog.talosintelligence.com/2019/07/beers-with-talos-ep-57-its-business.html)
Flatlined: Breach to BankruptJul 3, 2019 44:33
Description:Recorded 6/24/19 - Back in the studio for EP 56 and off the top, Matt got some new toy for his side hustle as a Twitch star - I still can’t figure out exactly how he did what he did, but it was not helpful from a producer’s perspective. It’s repaired, but still enough to apologize for. This is why we can’t have nice things. We discuss the issues around the AMCA data heist - a breach that caused a bankruptcy - and the complexity of securely moving sensitive data, like PII and HIPAA data, to the cloud. As we get deeper, we end up discussing the issues inherent in medical data - namely, its sensitivity and data security issues so systemic in nature that not even HIPAA can help. Full notes on the [Talos blog](https://blog.talosintelligence.com/2019/07/beers-with-talos-ep-56-flatlined-breach.html)
BWT Live from San Diego!Jun 25, 2019 57:57
Description:Recorded 6/12/19 - God knows why, but we bring you another live EP from the Talos Threat Research Summit at Cisco Live US in San Diego, CA. We are joined by TTRS keynote speaker (as is tradition) Liz Wharton. Catch the highlights of the show and stick around for hot takes from the live audience. Thanks to everyone who showed up to the recording, especially those brave enough to step up to the mic at the end. This is our annual reminder of why we don’t do this more often. Full show notes on the [Talos blog](https://blog.talosintelligence.com/2019/06/beers-with-talos-ep-55-live-from-san.html)
Patch After Listening, RDP and Wild 0-daysMay 29, 2019 53:57
Description:Recorded 5/24/19 - There is another Blue(x) to talk about and guess what? YES, YOU STILL NEED TO PATCH. We talk about RDP, the source of this vuln, and whether or not exploits exist for it (hint: they do). There is a quick look back at last year on the anniversary of VPNFilter, and we also tackle 0-days again through the lens of Project Zero’s timeline of 0-days found in the wild. Also, Craig hasn’t seen the end of John Wick 3 yet, so feel free to tweet him spoilers. If you are in San Diego for Cisco Live, come find us to see a live recording of the podcast! Full show notes [on the Talos blog](https://blog.talosintelligence.com/2019/05/beers-with-talos-ep-54-patch-after.html)
Shiny Happy Election Security (And Ninjas)May 21, 2019 1:00:53
Description:Recorded 5/10/19 - Election security has been a dominant headline for some time, so it’s high time we take a look at what that landscape looks like - where we are today, and how we got there in the first place (hint: there were deeper unintended consequences than Shiny Happy People on REM’s “Out of Time” album). We anticipate gathering some first-time listeners due to the topic of this podcast... to you we say welcome - and yes, it’s always like this. Matt kicks us off today discussing the greatest nerd rock band of all time - Ninja Sex Party. If you haven’t heard of them, you are in the wrong and should fix that quickly. Full show notes [on the Talos blog](https://blog.talosintelligence.com/2019/05/beers-with-talos-ep-53-shiny-happy.html)
I Don’t Trust You Because I CareApr 30, 2019 59:19
Description:Recorded 4/26/19 - Since Craig decided to skip the podcast today, we decided to invite one of Austin’s top actual security experts, Wendy Nather, to stop by. After Mitch is done being a fanboy, Wendy breaks down zero-trust, beyond the marketing story of a world without a perimeter. We spend most of the time discussing what zero trust looks like as security model and how it can be implemented in the real world. We also dive into usability and “good enough” security. Full show notes available [on the Talos blog](https://blog.talosintelligence.com/2019/04/beers-with-talos-ep-52-i-dont-trust-you.html)
Sea Turtles Yeeting PacketsApr 17, 2019 1:01:19
Description:Recorded 4/12/19 - Today we rip through a few other things to spend most of our time discussing Sea Turtle - the latest DNS hijacking campaign uncovered by Talos. Also, Joel causes the biggest blockchain outburst in some time. Special thanks for today’s podcast goes to Danny Adamantis, Talos researcher on the Sea Turtle campaign. Danny was going to be with us today, but experienced some technical issues that prevented that from happening. RIP Danny’s mic 4-12-19. Full show notes [on the Talos blog](https://blog.talosintelligence.com/2019/04/beers-with-talos-ep-51-sea-turtles.html)
Operating Under the Cover of… NothingApr 5, 2019 1:00:20
Description:Recorded 3/29/19 - Matt and Joel are both on the road this week, and Omar Santos from Cisco PSIRT joins the crew to discuss malware posing as ransomware and defending against supply chain attacks. We go deeper on the Talos story exposing criminal groups operating in the open on social media platforms like Facebook - and the implications of criminal groups leveraging social networking. Facebook has removed the disclosed groups, so we discuss the best-effort ways to play whack-a-mole with bad guys on the open web. Full show notes on the [Talos blog](https://blog.talosintelligence.com/2019/04/beers-with-talos-ep-50-operating-under.html)
POS Malware, RSA Highlights, and SOL OpSec FailsMar 20, 2019 57:45
Description:Recorded 3/15/19 - We recorded this after coming back from RSA, with some on-location highlights included! This EP opens a bit more thought provoking than we typically do, and we move toward discussing POS malware, like Glitch. After the RSA highlights, we discuss OpSec fails, and Nigel becomes a Burning Man convert after learning there are people there on drugs with rockets that he watch for funsies. Full show notes [on the Talos blog](https://blog.talosintelligence.com/2019/03/beers-with-talos-ep-49-pos-malware-rsa.html)
Loaders or Trojans, and RSA previewMar 5, 2019 32:00
Description:Recorded 3/1/19 - This is a super short EP - we are trying to get it our for RSA and Matt is MIA today. We are covering the basics of loaders (and the difference between loaders and trojans). We also talk about some RSA activities we have coming at RSA!! Full show notes on the Talos blog.
Privacy, Underwear, and AriasFeb 26, 2019 1:27:31
Description:Recorded 2/15/19 - We are joined by special guest Michelle Dennedy, VP and Chief Privacy Officer at Cisco. This is a long EP that is worth every minute - covering everything from the modern privacy landscape, privacy as a fundamental human right, and all the ways you didn’t know underwear can protect you. We were a bit concerned about having a VP on, but after Michelle knocked us around a bit we figured out what was up… however, if this is the last EP you see listed, I think we all know what happened. Full show notes on the [Talos blog](https://blog.talosintelligence.com/2019/02/beers-with-talos-ep-47-privacy.html)
Privacy Pwnd: ExileRAT and Collecting Bad KarmaFeb 14, 2019 48:04
Description:Recorded 2/1/19 - Today we discuss threats that bridge the gap between violating privacy and classic cybersecurity threats - malware and systems that are tracking voices of dissent and using their own devices as recon tools against them. The two cases cited in this EP are ExileRAT, a trojan delivered via malicious Office docs targeting supporters of the Tibetan government-in-exile; and Karma, a zero-touch toolkit used by at least one nation-state to remotely surveil essentially all the valuable data in their targets iPhones. We are going to continue this topic on the next episode as we continue to dig deeper into the idea of privacy as a fundamental human right with a very special guest (hint: it’s Michelle Dennedy) so make sure to catch the next EP as well. Full show notes [on the Talos Blog](https://blog.talosintelligence.com/2019/02/beers-with-talos-ep-46.html)
SoHo Attacks, IoT Devices, and the Cesspool SettingJan 22, 2019 1:05:11
Description:Recorded 1/18/19 - We have a extended roundtable today (even more than usual) because we accidentally discussed some relevant security topics in the meantime. Eventually, we move on to talk about recent releases, primarily the Pylocky decryptor and more IoT vulnerabilities. We move on to discuss what’s going on in the SoHo device space, with some specific advice and a lot of rage. This EP closes out discussing the release of Holger’s DDR plug-in (download available) and reminding everyone of the TTRS CFP (closing soon!) Full show notes on the [Talos blog](https://blog.talosintelligence.com/2019/01/beers-with-talos-ep-45-soho-attacks-iot.html)
Fun with 2018’s Worst and Talks We Want to HearJan 17, 2019 1:18:59
Description:Recorded 1/7/18 - Most of the EP (after an extended Roundtable - we all had a lot to get out after time off), we look back at the 2018 Year-in-Malware Review -- Olympic Destroyer, VPNFilter, MDM and other unique, large-scale, or otherwise interesting bits of malware that Talos encountered. We also discuss the things we would love to see conference talks about in the new year. Of course, we use that to announce the CFP for Talos Threat Research Summit 2019. If you do defense and want to talk to other defenders, make sure to submit! Full show notes [on the Talos blog](https://blog.talosintelligence.com/2019/01/beers-with-talos-ep44-fun-with-2018s.html)
Espionage, Encryption, and CISO Square OneDec 14, 2018 1:07:53
Description:Recorded 12/7/18 - Several of us are under the weather, but the show must go on. We did our best, as always. After running through some recent research, we spend a good bit of this EP looking through the lens of a recent breach at the first things a new security leader should get a handle on - what questions need to be answered? What information and practices are day-1 vital? We wrap up taking a look at a slew of vulns Talos uncovered in secure messaging apps. Full show notes [on the Talos blog](https://blog.talosintelligence.com/2018/12/beers-with-talos-ep-43-espionage.html)
To the Moon, Everyone!Nov 21, 2018 1:03:05
Description:Recorded 11/16/18 - Cyber moonshot, baby! It’s just like that time the US raced everyone to the moon, except completely different and in-no-way related! Do we need a “cyber moonshot”? Is the plan that was just released the way to get there? ...and holy crap if Craig didn’t actually prepare for this podcast with notes and everything. We genuinely hope that you enjoy our rants over the Thanksgiving holiday break (for our American friends) or just at work like usual for the rest of you that don’t have a four day weekend ahead. We are genuinely grateful for you, listeners, as the entire reason that we get to keep doing this podcast. We enjoy having fun spreading the word on security and calling out excellence where we find it. Full show notes [on the Talos blog](https://blog.talosintelligence.com/2018/11/beers-with-talos-ep42-to-moon-everyone.html)
Sex, Money, and MalwareNov 14, 2018 1:08:16
Description:Recorded 11/9/18 - We tried to make this episode last week, but thanks to some technical difficulties, we ended up calling that one a practice. Here is take two, focused on recent sextorition scams, the pending machine learning apocolyse (hint: it’s neither). We also review why vuln discovery and red teams are the most import line items in your security budget by looking a recent story where being breached cost dozens of lives. Full show notes [on the Talos blog](https://blog.talosintelligence.com/2018/11/beers-with-talos-ep-41-sextortion-money.html)
BWT XL feat. SuperMicro, Giant Patches, and More Mobile MalwareOct 24, 2018 1:18:37
Description:Recorded 10/19/18 - In celebration of EP40 and hitting over 1 million downloads(!!!), we go XL. This EP is a little long, we go a bit deeper than usual to discuss a few things that are highly unusual - namely, the XL patches dropped by Oracle, and the XL questions surrounding the Bloomberg/SuperMicro story. We also talk about a few mobile threats we have seen and what we have brewing in the mobile threat space. Full show notes available [on the Talos blog](https://blog.talosintelligence.com/2018/10/beers-with-talos-ep40-bwt-xl-feat.html)
VB 2018 Rundown and Prevalent Problems with PDFOct 19, 2018 42:46
Description:Recorded 10/5/18 - Quick chat to get to know this week’s special guests from the Talos Outreach team - Paul Rascagneres, Vanja Svajcer, and Warren Mercer. We discuss everyone’s work being presented at Virus Bulletin, and Paul and Warren being nominated the Péter Szőr Award. We also cover a lot of vuln discovery work recently released around various PDF software Full show notes available [on the Talos Blog](https://blog.talosintelligence.com/2018/10/beers-with-talos-ep-39-vb-2018-rundown.html)
More Fun with VPNFilter, Getting Pwnd via SpreadsheetSep 28, 2018 40:55
Description:Recorded 9/21/18 - The whole crew is back together! On the agenda today - VPNFilter part III, now with more known third stage payloads! As much as we have talked about multi-part posts, you know we wouldn’t post if it wasn’t important (on the blog, that is. That rule obvs doesn’t apply here) We are also releasing a related open source tool - WInbox Protocol Dissector. Finally, delve into an AV avoiding DDE and jump off into defense in depth. Full show notes [on the Talos blog](https://blog.talosintelligence.com/2018/09/beers-with-talos-ep38-more-fun-with.html).
Snort 3 Beta Uses Multithreading. It’s Super Effective!Sep 17, 2018 43:00
Description:Recorded 9/7/18 - We have Joel back this week (and he is very happy to have himself back), but we lost Matt and we’re still wishing Nigel a speedy recovery from becoming bionic. This EP, we cover the latest findings in Talos MDM research and go over the exciting changes in the newly released Snort 3 beta (your move, Valve.). Bill reprises his role from last week as sentient seat filler that makes good jokes. See the full show notes on the [Talos blog](https://blog.talosintelligence.com/2018/09/beers-with-talos-ep-37-snort-3-beta.html).
There Are Few Shades in the Grey MarketAug 30, 2018 51:53
Description:Recorded 8/24/18 - We’re finally back in the studio after Hacker Summer Camp! Sadly, due to summer vacations and becoming bionic, we are missing Joel and Nigel respectively. We end up discussing most of our topics through the lens of Matt’s frequent Twitter polls. We also find out he bribes followers with free sporks. Craig brings the discussion on the details of Remcos, and go through some interesting points on the emerging grey markets in security software and vuln disco. The crew closes this episode discussing the hypothetical merits of perfect patching versus perfect visibility. Full show notes [on the Talos Blog](https://blog.talosintelligence.com/2018/08/beers-with-talos-ep-36-there-are-few.html)
Live from the RiRa at Black HatAug 16, 2018 01:22:27
Description:Recorded 8/8/18 - We decided to broadcast while we were all together at Black Hat - and invited everyone over for lunch and beers. Since we had a room full of people, we made this EP “choose your own podcast” and tooks topics from the audience. Neil Jenkins from the Cyber Threat Alliance came by to bestow befitting superhero swag on Matt and Adam for their work on VPNFilter. Headlining this event is our very special guest - Dave Bittner from The CyberWire. Full show notes podcast [blog post](https://blog.talosintelligence.com/2018/08/beers-with-talos-ep-35-live-from-rira.html)
Click Here to Assign New Mobile Device OwnerJul 26, 2018 1:07:47
Description:Recorded 7/20/18 - This week, we touch on several topics, but we spend the lion’s share of the EP discussing MDM. We are joined by Aaron Woland and spend a great deal of time discussing how these attacks work and how these are attacks happen to users of all devices across platforms. We talk about the differences in how MDM is handled across different OS flavors, and the similarities in how the attacks happen (hint: users ignoring the warnings). [Click here](https://blog.talosintelligence.com/2018/07/beers-with-talos-ep-34-click-here-to.html) for the full show notes on the blog
Change the Conversation or the People Having It?Jul 15, 2018 48:10
Description:Recorded 7/6/18 - This episode is a bit less technical than most as we take on how the security conversation is happening and who is a part of it. Coincidentally (we promise), that dovetails in with Matt’s contention that everybody just needs to stop acting with unending self-interest. Once again, Craig goes on vacation and all hell breaks loose, giving birth to a new concept in ransomware - Send us Bitcoin or we send Craig to a remote island for a month. Also - we are going to be doing a live EP from BalckHat! Registration link and full show notes [available on the Talos blog](https://blog.talosintelligence.com/2018/07/beers-with-talos-ep33-change.html).
Live from Orlando Pt 2: Take All the Things Off the InternetJun 27, 2018 45:42
Description:Recorded 6/13/18 - Still live in Orlando, just this time from the lovely lobby bar at the convention center hotel. We are joined by Lurene Grenier to dig a bit deeper on her keynote from TTRS. Lurene is here to give you the offensive view of attacking your network. If you want a hot take on defense from someone who is pure offense, well… buckle up and break out your cord cutting scissors. You are already saying “We can’t do that!” Lurene is telling you that if you decide to take this seriously enough, you can and should. Full show notes on the [Talos blog](https://blog.talosintelligence.com/2018/06/beers-with-talos-ep-32-live-from.html)
Live from Cisco Live! - VPNFilter Update and Our First Summit RecapJun 21, 2018 1:05:26
Description:Recorded 6/12/18 - Special episode for two reasons! To start, we are recording one-take live from CiscoTV Studio B at Cisco Live in Orlando, FL. - which leads to the second reason, there is video of this episode in the show notes blog post! Join us as we cover the VPNFilter update Talos released June 6th and we recap the inaugural Cisco Talos Threat Research Summit. Check out the [full show notes](https://blog.talosintelligence.com/2018/06/beers-with-talos-ep31-live-from-cisco.html)
*Ed. Note - This is what no content editing looks like*
VPNFilter, the Unfiltered StoryMay 29, 2018 1:01:12
Description:Recorded 5/25/18 - As you can expect, this EP focuses on VPNFilter. We discuss how we got involved, why Talos made the decision to disclose when we did, and we cover many details of the malware itself. There is a lot of background to this ongoing discussion. Take a peek behind the curtain of the defense against this attack as we cover many different aspects of the malware, the attack, and the mitigation. Show notes on the [Talos Blog](http://cs.co/BWTep30)
This is a PSA: Stop Clicking. There is No Prince.May 17, 2018 56:19
Description:Recorded 5/11/18 - First and foremost, we recorded this EP one day before our “birthday”. We want to thank everyone, especially you (the listeners), who have let us do this for the last year racking up over half a million downloads! In this EP, we welcome special guest Nick Biasini from Talos Outreach - we set out to talk about several topics, but spend most of our time with Nick around the idea of building a stronger culture of cybersecurity and what it would take to raise the baseline. We are missing Matt this week, and hope he had an amazing time following the DMB tour up to Burlington or whatever he was doing.
APT, BGP, RCEs, and an Old RATMay 5, 2018 51:52
Description:Recorded 4/27/18 - Special guest intro this week from Chippah. We chat about what defines an “APT”, the recent BGP attacks, and the progress of GravityRAT. We also get an update on Vuln Discovery and the spate of recent releases. Matt has specific feelings about USB-C and his new computer.
Smart Install, Vuln Process Realities, and Professional WrestlingApr 20, 2018 51:07
Description:Recorded 4/13/18 - We just upgraded all our gear, so naturally we had a straight tech meltdown this week and we saved it the best we could. Matt will sound way better next week. Promise. We cover Smart Installer. Again. But that leads down a discussion of security versus convenience that leads to us discussing the process of vuln disclosure - how vendor discussions, release dates, and policies work in the real world. Seriously, we grounded Matt’s computer for misbehaving with the audio.
Talos is Holding a Conference, and the Evolving Battle at the EdgeApr 6, 2018 1:04:13
Description:Recorded 3/29/18 - Joel is sitting out this week and Bill Largent from the Outreach team fills in. We are pretty sure he was just wrong late trying to live on Joel Mean Time, which is now a GitHub project thanks to Moses (link below). We cover a wide range in this episode, so stay with us! We chat about the Talos Threat Research Summit coming in June, we wonder where the carrots to match the sticks in security are, and the value of finding your own damn vulns. The last part of the show starts with discussing GoScanSSH which ends up being a discussion on the larger battle for the edge.
WE’LL DO IT LIVE!!Mar 20, 2018 1:01:00
Description:Recorded 3/13/18 - LIVE from San Jose, CA.
First of all - we still have a podcast and jobs, so ostensibly, we did okay hosting the meeting event we talked about last time. There may have even been an award involved, just sayin'. Since we were all in one place together and we didn’t get fired, we decided to do our podcast live after the meeting for an audience. We are joined by Talos Sr. Director Matt Watchinski this episode, discussing such existential questions as “why security?” and more concrete things like nation state vs. cybercriminal actors and their differing motivations. We also discuss router security and network devices as a preferred attack vector for advanced actors. Special bonus: Matt beats perhaps the last laugh out of the dead horse that is Paul Revere himself. #CantBooShowNotes