DiscoverBeers with Talos Podcast
Beers with Talos Podcast
Claim Ownership

Beers with Talos Podcast

Author: Cisco Talos

Subscribed: 876Played: 17,200
Share

Description

Threats, Beers, and No Silver Bullets. Listen to Talos security experts as they dive into emerging threats, forcing the bad guys to innovate, hacking refrigerators, and other security issues, all with beer.
88 Episodes
Reverse
Nigel is out this week, but we have a couple light and breezy topics on the docket: 0-day research and the institutions of democracy. FUN STUFF!! First, we chat about 0-day research tools and the questions raised around them, contrasted to the time before security research was widely accepted. We spend the last half of the show discussing some of the findings and finer points of Matt’s recently released research paper on election security “What to expect when you’re electing”.
Has it been 3 years already? We have a great episode to celebrate! We start off chatting about the origins of BWT and what made it… I don’t know… the way that it is. We also have some great guests. Hazel and Ben from the Security Stories podcast come by to talk about another anniversary of note to all of us - NotPetya. We also chat about what makes storytelling a powerful tool (even in security), and atypical paths to careers in cybersecurity. While we are talking about communication, we wrap up this ep discussing and sharing what worked (and still works) for Talos over the series of critical response events that included NotPetya and one of our very first podcast episodes. Full show notes on the Talos blog
Recorded June 5, 2020 – Prod. Note: Things are a hot mess right now and the team thinks that there are voices you have needed to hear more than ours, so we held back on releasing a few episodes. This is the last of those withheld eps, please pardon any weeks-old info. Be safe, be kind, and listen to each other. Black lives matter. This was a difficult show to make in light of the events the week prior. We were all in a mood along with the rest of the US and the world, and it showed. There was no amount of editing that could save that Roundtable. Regardless, we dig into vulnerabilities and exploits this episode starting with looking at the top 10 most exploited vulns from a recent CISA report (Full disclosure: Talos assisted in the creation of that report). We start to dig into some deeper convos around pentesting platforms and exploit stability that are sure to come back up soon. Full show notes on the Talos blog
The In-Between, Vol. 5

The In-Between, Vol. 5

2020-06-2527:28

Recorded May 29, 2020 – Prod. Note: Things are a hot mess right now and the team thinks that there are voices you have needed to hear more than ours, so we held back on releasing a few episodes. We are releasing those now, please pardon any weeks-old info. Be safe, be kind, and listen to each other. Black lives matter. This is the last of the In-Between episodes. Thanks for having fun with this non-security miniseries across a span of weeks that I am not even going to try and neatly sum up in snarky podcast notes. We started this miniseries as a fun way for us to stay connected and put some extra podcasts in your playlist as we all got used to new routines and staying at home. We can’t keep that pace forever, so here is where the In-Between wraps. The questions you’ve sent us on Twitter have been amazing, you can expect to see that become a recurring thing. I hope that you’ve enjoyed these episodes as much as we enjoyed making them. From all of us, thank you for listening and stay safe - Cheers. Full show notes on the Talos blog
Recorded May 26, 2020 – Prod. Note: Things are a hot mess right now and the team thinks that there are voices you have needed to hear more than ours, so we held back on releasing a few episodes. We are releasing those now, please pardon any weeks-old info. Be safe, be kind, and listen to each other. Black lives matter. You, our audience, have asked this question a lot - in person, on Twitter, in DMs, and one of you even sent me InMail - so we spend a whole EP talking about advancing your career in the middle stages - whether you are interested in jumping on the management track or rising to the top of the engineering/technical hill, there are certain skills, relationships, and habits that will make your quest more effective. Quest? Wow, I have really been playing too many games lately. Full show notes on the Talos blog
The In-Between, Vol. 4

The In-Between, Vol. 4

2020-06-1133:30

Recorded May 15, 2020 – Prod. Note: Things are a hot mess right now and the team thinks that there are voices you have needed to hear more than ours, so we held back on releasing a few episodes. We are releasing those now, please pardon any weeks-old info. Be safe, be kind, and listen to each other. Black lives matter. Sammi (inexplicably) continues tolerating hanging out with the rest of the crew on the The In-Between. As usual, we avoid discussing security at all costs. These EPs are all about keeping in touch and catching up to chat. We talk about cool stuff we are watching to occupy our time and JOEL DID HIS ONE JOB! so, we are taking your (amazing) questions from Twitter. Keep sending your questions for our regular episodes as well — @TalosSecurity #BWT.
Brad Garnett from Cisco Talos Incident Response joins us today to talk about DFIR, the Talos Quarterly Trends Report, and how a high-speed police chase on reality TV kick-started his DFIR career. That’s not even clickbait, for real. After Brads drops a quick IR trends briefing on us, the crew drills down on some key findings. (IDK what that means either, but there were good questions asked and great discussions in response). We are taking your questions from Twitter so keep sending them for the next “The In-Between” episode — @TalosSecurity #BWT.
The In-Between, Vol. 3

The In-Between, Vol. 3

2020-05-1530:23

Recorded May 1, 2020 – Sammi is back and the rest of the crew is here to hang out, chat, and as is The In-Between Way - avoid discussing security at all. These EPs are all about just keeping in touch and having some fun. Despite Joel forgetting his one. job. on this podcast, we are taking your (sometimes crazy) questions from Twitter on these episodes, so keep sending them for the next “The In-Between” episode — @TalosSecurity #BWT. Full show notes on the Talos blog
Matt isn’t with us today, but the rest of the crew discusses current security issues in our new WFH environment, including some more-than-the-basics advice on how to protect yourself and your organization’s data while working wherever. We go a bit more in depth on VPN and explain how VPNs work, how they protect you, and more importantly, how they DON’T protect you. The key takeaway of this podcast, however, is that we need to start a campaign to formally recognize the legitimacy of Social Mulligans (this counts as a trademark, right?) Send us your questions for the next “Quittin’ Time” episode — @TalosSecurity #BWT. Full show notes on the Talos Blog
We are renaming these episodes - “Quittin’ time” was okay and all, but “The In-between” better captures what these eps are. Compared to our normally named eps, you can expect the same lack of actual security content presented in Vol. 1, just a shorter format. You seem to enjoy us taking your (sometimes crazy) questions from Twitter, so keep sending them! We are doing these extra episodes because we need to laugh and have some fun right now, and hopefully give you the same little break from reality - we want you to come on in and have a laugh on us. Send us your questions for the next “The In-Between” episode — @TalosSecurity #BWT. Full show notes on the Talos blog
We have a couple great topics today - and only one of them is a COVID-19 related topic. So, it turns out that you can fake fingerprints - the good news is that it takes a lot of time, equipment, and expertise. It is much easier for a criminal to just make you unlock it yourself. We have also seen an unprecedented level of collaboration and righteous anger across all vendors responding to COVID-based scams. Literally everyone is just watching, documenting, and hunting anything even tangentially related to the current health crisis. The challenge is that all the cooks are in the kitchen, which is really a good problem to have… Send us your questions for the next “Quittin’ Time” ep! — @TalosSecurity #BWT. Full show notes on the Talos Blog
Recorded April 3, 2020 – We’re kinda bored. We figured you are too. So we decided to get together between normal recordings to help save you from the bottom of the Netflix barrel. It gets weird down there. These Quittin’ Time eps are just the crew hanging out for a bit without a security topic agenda. Sans. None of that. Honestly, if you’re not a fan of the banter in the Roundtable and Closing Thoughts segments, this …probably isn’t your cup of tea. Anyway, we have fun getting together and feeling more normal for a bit, we hope you have fun listening to the heavily edited version of that. Send us your questions for the next QT ep - @TalosSecurity #BWT. Full show notes available on the Talos blog.
Our goal is always to talk to you about what’s on our minds. Right now, we are pretty sure we all have the same thing on our minds. In addition to our regular show material, we want to talk through some of the things that we are dealing with professionally and personally in the hopes that it applies and is useful to you. To that end, we asked Sammi Seaman (our Education coordinator and resident mega-extrovert) to stop by and chat with us about the challenges of working from home and shifting the way we work. We aren’t breaking any massive news and threats this week, rather we are talking about what the industry is thinking about. As a heads up, we are increasing episodes from biweekly to weekly, and rotating in different topics while we’re all stuck at home. Hopefully, this is helpful for you and us both. Drop us a tweet and let us know what is on your mind. Be safe, and wash your hands, you filthy animals. Full show notes on the Talos blog.
Recorded 3/13/20 - Of course we have to talk about the implications of Coronavirus to the way business and security are getting done. While everything about the COVID-19 pandemic seems to be a fluid situation, a rare constant has been the same rehashed disaster scams. But that could quickly change with the mass shift toward remote work. This episode takes a look at both securing that shift as well as practical advice for those of us finding ourselves as newly remote employees. Full show notes on the Talos blog
Impacting Civil Society

Impacting Civil Society

2020-03-1241:531

Recorded 3/02/20 - We open up the show with a sugary sweet poem before talking about RSA and our annual trip through the startup hall. Matt expertly segues the crew into talking about the impact the security industry can have on public-interest technologies and civil society - both in the industry sense as well as in the interpersonal sense. FInally, we take a look at opposing mindsets and approaches, discussing how partnering with an adversarial approach is not near the oxymoron it seems. Full show notes on the Talos blog
Recorded 2/19/20 - Craig made an oopsie. He sends his apologies for the echo-chamber reverb. We had no idea until he sent in his audio for mixing, we would never do this to you intentionally. This is a shorter ep focusing on software licencing and features as well as vulnerability disclosure. Join us to talk about vendors abilities to disable feature sets and owning versus using products. We further chat about vulnerabilities and how a vendor with no security advisories is often seen as a “more secure” option, when in fact, that can mean the exact opposite. Full show notes on the Talos blog
Recorded 1/31/20 - When a vulnerability is released, regardless if it has a website and logo or not, we need to understand the risk to the network and what defense options are possible before the patch is ready for production. Can you defend against the vulnerability or do you go straight for known exploits? What happens if an exploit occurs? Also discussed: Talos begins releasing Threat Assessment Reports based on IR engagement data and known prevalent threats. Snort has a new series of training and lab videos available for Snort 2 and Snort3. Full show notes on the Talos blog
Recorded 1/20/20 - Powershell is a frequent flyer in security headlines - a powerful and oft wielded tool for attackers and defenders alike. This ep takes a look at Powershell and how to help ensure its security posture as an effective management tool. We also look at the missing-the-forrest-for-the-trees concept of behind being concerned about the latest shiny ATP before all else. Full show notes on the Talos blog
Recorded 1/6/20 - There is a looming cyber conflict on the horizon between the US and Iran. We use all our time this week to discuss the situation at hand and take a hard look at what you should have already done foundationally. The crew offers insight and analysis of what nation-state cyber conflict looks like and what you can do to elevate your security strategy to the next level in an uncertain time of increased suspicion. Full show notes on the Talos blog
Recorded 12/20/19 - In a shorter year-end EP, we take a look back and a look forward. It seems everyone else wants to break out the crystal ball this time of year and prognosticate the coming year’s threat landscape. We don’t have one of those, so we used a Magic 8-ball, but we’re pretty confident the results are as-good or better. However, most of the EP is dedicated to going through the notable security events of the past year. We take a look at the lasting effects and lessons learned from 2019’s biggest threats. Full show notes on the Talos blog
loading
Comments 
Download from Google Play
Download from App Store