Beers with Talos Podcast

We recorded this episode AFTER Thanksgiving, so you'll need to forgive us for the amount of Thanksgiving talk that doesn't actually apply until Thanksgiving 2024. It all evens out in the end because the annual "Ranksgiving" from special guest David Liebenberg results in the creation of TurkeyLurkey Man. Then, TurkeyLurkey Man helps the rest of the gang recap the top malware and attacker trends from 2023. If you'd like to read more, download the full Talos Year in Review report here. We also discussed the recent CNN article and Talos blog post on our work to protect Ukraine's power grid. 

The podcast discusses the latest Talos Incident Response Quarterly Trends report, highlighting trends in IR engagements such as ransomware, commodity loaders, and data theft extortion. They also explore web application attacks, RDP-based lateral movement, and share personal experiences and frustrations with virtual concerts and video games.

Nigel Houghton, an OG BWTer, delivers hot takes on cybersecurity data sharing and the importance of context. The hosts discuss transportation issues, a peculiar Amazon delivery, football fever, challenges of data feeds, frustration with STIX protocol, data integrity, and a victorious football match.

We know we're like two weeks late to the Barbie party, but the whole Beers with Talos crew has seen it now so we had to talk about it. Expect a lot of "Barbie" talk up at the top. After that, though, we dive into how to set up deception systems and establish your environment to make it harder for an intruder to get in. The goal here is to make it so that attackers have to waste time and resources trying to get in but ultimately come away empty-handed. We talk about why this is important for the systems we build and why the security community doesn't talk enough about this approach. 

In this special episode, Matt is flying solo while he interviews Rachel Tobac, the CEO of SocialProof Security. Rachel's company helps individuals and companies keep their data safe by offering various training and penetration testing opportunities, all related to social engineering attacks and risks. Ahead of BlackHat and DEFCON, Matt wanted to talk to Rachel because they first met at DEFCON a few years ago, where she was a second-place finisher in the Social Engineering Capture the Flag contest for three years in a row. Matt and Rachel discuss the current types of social engineering tactics that adversaries use and the importance of increasing the volume and types of opportunities that exist for women in cybersecurity and privacy. Rachel is the chair of the board for the non-profit Women in Security and Privacy (WISP) where she works to advance women to lead in the fields. She's currently working on sending a delegation of women to BlackHat later this month. 

The Beers with Talos Crew is back to a team of four this week, with special guest Nick Biasini joining the show to talk about Mercenary Groups and the spyware they're creating. This episode, we talk about the current spyware landscape, and how it encompasses "mercenary" groups like the NSO Group and Intellexa, and state-sponsored actors looking to track high-profile targets. Nick's team recently published multiple pieces about this topic and they are actively researching spyware. If listeners suspect their system(s) may have been compromised by commercial spyware, please consider notifying Talos’ research team at talos-mercenary-spyware-help@external.cisco.com to assist in furthering the community’s knowledge of these threats.

Mitch was out for this recording, so Hazel Burton, the newest addition to Team Talos, stepped in to host this episode! She, Lurene and Matt got together for Mental Health Awareness Month and share stories and advice with one another. Cybersecurity is a notoriously rough field for burnout and an imbalance between work and life, so they share some tips they use to decompress after a long day and how they ignore their inner critics. 

Our second of two episodes recorded live at the RSA Conference, Mitch and Lurene are joined by Nick Biasini from Talos Outreach and AJ Shipley, a vice president of product management for Cisco Secure. The four of them recap Nick and AJ's talk they gave at RSA and discuss the centralization of cybersecurity. AJ shares some important insights about the product side of cybersecurity, and how everyone in the space needs to be better focused on stopping the bad guys versus competing against one another. They also cover the announcement of Cisco's newest flagship cybersecurity product: Cisco XDR.

This is the first of two episodes we have coming out that we recorded live at the RSA Conference. In this edition of Beers with Talos, we welcome Mick Baccio, a security strategist for Splunk, to talk about all things RSA. At this point in the week, we had hit the halfway point of RSA and were pretty tired already, so bear with us — don't expect any hardcore security takes here. That being said, we do gather 'round to share stories, and reflect on RSA and the security community as a whole. There's no link for it yet, but buy Mick's book when it comes out! 

This episode discusses network resilience, hardware hygiene, and the recently disclosed Jaguar Tooth campaign. J.J. joins the show and the usual cast to discuss the recent attacks against out-of-date and unpatched wireless routers from sophisticated, state-sponsored actors. J.J., Matt and Lurene detail the research around these campaigns and advice for anyone to improve their network hygiene. If you'd like to talk to the BWT crew more about this topic, they'll be at RSA this week with two live episodes and generally hanging around the Cisco booth. Important links for this episode:Talos blog post on Jaguar ToothCisco's advice on appropriate network hygieneCisco PSIRT blog post on Jaguar Tooth.Cisco Software Checker