Beers with Talos Podcast

Recorded 12/7/18 - Several of us are under the weather, but the show must go on. We did our best, as always. After running through some recent research, we spend a good bit of this EP looking through the lens of a recent breach at the first things a new security leader should get a handle on - what questions need to be answered? What information and practices are day-1 vital? We wrap up taking a look at a slew of vulns Talos uncovered in secure messaging apps.Full show notes on the Talos blog

Recorded 11/16/18 - Cyber moonshot, baby! It’s just like that time the US raced everyone to the moon, except completely different and in-no-way related! Do we need a “cyber moonshot”? Is the plan that was just released the way to get there? …and holy crap if Craig didn’t actually prepare for this podcast with notes and everything.We genuinely hope that you enjoy our rants over the Thanksgiving holiday break (for our American friends) or just at work like usual for the rest of you that don’t have a four day weekend ahead. We are genuinely grateful for you, listeners, as the entire reason that we get to keep doing this podcast. We enjoy having fun spreading the word on security and calling out excellence where we find it.Full show notes on the Talos blog

Recorded 10/19/18 - In celebration of EP40 and hitting over 1 million downloads(!!!), we go XL. This EP is a little long, we go a bit deeper than usual to discuss a few things that are highly unusual - namely, the XL patches dropped by Oracle, and the XL questions surrounding the Bloomberg/SuperMicro story. We also talk about a few mobile threats we have seen and what we have brewing in the mobile threat space.Full show notes available on the Talos blog

Recorded 10/5/18 - Quick chat to get to know this week’s special guests from the Talos Outreach team - Paul Rascagneres, Vanja Svajcer, and Warren Mercer. We discuss everyone’s work being presented at Virus Bulletin, and Paul and Warren being nominated the Péter Szőr Award. We also cover a lot of vuln discovery work recently released around various PDF softwareFull show notes available on the Talos Blog

Recorded 9/21/18 - The whole crew is back together! On the agenda today - VPNFilter part III, now with more known third stage payloads! As much as we have talked about multi-part posts, you know we wouldn’t post if it wasn’t important (on the blog, that is. That rule obvs doesn’t apply here) We are also releasing a related open source tool - WInbox Protocol Dissector. Finally, delve into an AV avoiding DDE and jump off into defense in depth.Full show notes on the Talos blog.

Recorded 9/7/18 - We have Joel back this week (and he is very happy to have himself back), but we lost Matt and we’re still wishing Nigel a speedy recovery from becoming bionic. This EP, we cover the latest findings in Talos MDM research and go over the exciting changes in the newly released Snort 3 beta (your move, Valve.). Bill reprises his role from last week as sentient seat filler that makes good jokes.See the full show notes on the Talos blog.

Recorded 8/24/18 - We’re finally back in the studio after Hacker Summer Camp! Sadly, due to summer vacations and becoming bionic, we are missing Joel and Nigel respectively. We end up discussing most of our topics through the lens of Matt’s frequent Twitter polls. We also find out he bribes followers with free sporks. Craig brings the discussion on the details of Remcos, and go through some interesting points on the emerging grey markets in security software and vuln disco. The crew closes this episode discussing the hypothetical merits of perfect patching versus perfect visibility.Full show notes on the Talos Blog

Recorded 8/8/18 - We decided to broadcast while we were all together at Black Hat - and invited everyone over for lunch and beers. Since we had a room full of people, we made this EP “choose your own podcast” and tooks topics from the audience. Neil Jenkins from the Cyber Threat Alliance came by to bestow befitting superhero swag on Matt and Adam for their work on VPNFilter. Headlining this event is our very special guest - Dave Bittner from The CyberWire. Full show notes podcast blog post

Recorded 7/20/18 - This week, we touch on several topics, but we spend the lion’s share of the EP discussing MDM. We are joined by Aaron Woland and spend a great deal of time discussing how these attacks work and how these are attacks happen to users of all devices across platforms. We talk about the differences in how MDM is handled across different OS flavors, and the similarities in how the attacks happen (hint: users ignoring the warnings). Click here for the full show notes on the blog

Recorded 6/13/18 - Still live in Orlando, just this time from the lovely lobby bar at the convention center hotel. We are joined by Lurene Grenier to dig a bit deeper on her keynote from TTRS. Lurene is here to give you the offensive view of attacking your network. If you want a hot take on defense from someone who is pure offense, well… buckle up and break out your cord cutting scissors. You are already saying “We can’t do that!” Lurene is telling you that if you decide to take this seriously enough, you can and should.Full show notes on the Talos blog