Listen to Talos security experts as they dive into emerging threats, forcing the bad guys to innovate, hacking refrigerators, and other security issues, all with beer.

  • Episode 54
    2019-05-29

    Patch After Listening, RDP and Wild 0-days

    Recorded 5/24/19 - There is another Blue(x) to talk about and guess what? YES, YOU STILL NEED TO PATCH. We talk about RDP, the source of this vuln, and whether or not exploits exist for it (hint: they do). There is a quick look back at last year on the anniversary of VPNFilter, and we also tackle 0-days again through the lens of Project Zero’s timeline of 0-days found in the wild.

    Also, Craig hasn’t seen the end of John Wick 3 yet, so feel free to tweet him spoilers. If you are in San Diego for Cisco Live, come find us to see a live recording of the podcast!

    Full show notes on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 53:57

    Keywords
    • talos
    • security
    • RDP
    • 0-day
    • zero day
    • BlueKeep

  • Episode 53
    2019-05-21

    Shiny Happy Election Security (And Ninjas)

    Recorded 5/10/19 - Election security has been a dominant headline for some time, so it’s high time we take a look at what that landscape looks like - where we are today, and how we got there in the first place (hint: there were deeper unintended consequences than Shiny Happy People on REM’s “Out of Time” album). We anticipate gathering some first-time listeners due to the topic of this podcast... to you we say welcome - and yes, it’s always like this. Matt kicks us off today discussing the greatest nerd rock band of all time - Ninja Sex Party. If you haven’t heard of them, you are in the wrong and should fix that quickly. Full show notes on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:00:53

    Keywords
    • talos
    • security
    • election security
    • voting
    • ninja sex party

  • Episode 52
    2019-04-30

    I Don’t Trust You Because I Care

    Recorded 4/26/19 - Since Craig decided to skip the podcast today, we decided to invite one of Austin’s top actual security experts, Wendy Nather, to stop by. After Mitch is done being a fanboy, Wendy breaks down zero-trust, beyond the marketing story of a world without a perimeter. We spend most of the time discussing what zero trust looks like as a security model and how it can be implemented in the real world. We also dive into usability and “good enough” security. Full show notes available on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Wendy Nather@wendynather
    Featuring:
    Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 59:19

    Keywords
    • talos
    • security
    • zero trust
    • mfa
    • wendy nather

  • Episode 51
    2019-04-17

    Sea Turtles Yeeting Packets

    Recorded 4/12/19 - Today we rip through a few other things to spend most of our time discussing Sea Turtle - the latest DNS hijacking campaign uncovered by Talos. Also, Joel causes the biggest blockchain outburst in some time. Special thanks for today’s podcast goes to Danny Adamantis, Talos researcher on the Sea Turtle campaign. Danny was going to be with us today, but experienced some technical issues that prevented that from happening. RIP Danny’s mic 4-12-19. Full show notes on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:01:19

    Keywords
    • talos
    • security
    • DNS
    • hijacking
    • sea turtle

  • Episode 50
    2019-04-05

    Operating Under the Cover of… Nothing

    Recorded 3/29/19 - Matt and Joel are both on the road this week, and Omar Santos from Cisco PSIRT joins the crew to discuss malware posing as ransomware and defending against supply chain attacks. We go deeper on the Talos story exposing criminal groups operating in the open on social media platforms like Facebook - and the implications of criminal groups leveraging social networking. Facebook has removed the disclosed groups, so we discuss the best-effort ways to play whack-a-mole with bad guys on the open web. Full show notes on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Omar Santos@santosomar
    Featuring:
    Craig Williams@security_craig and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:00:20

    Keywords
    • talos
    • security
    • supply chain
    • facebook
    • asus

  • Episode 49
    2019-03-20

    POS Malware, RSA Highlights, and SOL OpSec Fails

    Recorded 3/15/19 - We recorded this after coming back from RSA, with some on-location highlights included! This EP opens a bit more thought provoking than we typically do, and we move toward discussing POS malware, like Glitch. After the RSA highlights, we discuss OpSec fails, and Nigel becomes a Burning Man convert after learning there are people there on drugs with rockets that he can watch for funsies. Full show notes on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 57:45

    Keywords
    • talos
    • security
    • POS
    • RSA
    • OpSec

  • Episode 48
    2019-03-05

    Loaders or Trojans, and RSA preview

    Recorded 3/1/19 - This is a super short EP - we are trying to get it out for RSA and Matt is MIA today. We are covering the basics of loaders (and the difference between loaders and trojans). We also talk about some RSA activities we have coming at RSA!! Full show notes on the Talos blog.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 32:00

    Keywords
    • talos
    • security
    • trojan
    • loader
    • RSA

  • Episode 47
    2019-02-26

    Privacy, Underwear, and Arias

    Recorded 2/15/19 - We are joined by special guest Michelle Dennedy, VP and Chief Privacy Officer at Cisco. This is a long EP that is worth every minute - covering everything from the modern privacy landscape, privacy as a fundamental human right, and all the ways you didn’t know underwear can protect you. We were a bit concerned about having a VP on, but after Michelle knocked us around a bit we figured out what was up… however, if this is the last EP you see listed, I think we all know what happened. Full show notes on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Michelle Dennedy@mdennedy
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:27:31

    Keywords
    • talos
    • security
    • privacy
    • michelle dennedy

  • Episode 46
    2019-02-14

    Privacy Pwnd: ExileRAT and Collecting Bad Karma

    Recorded 2/1/19 - Today we discuss threats that bridge the gap between violating privacy and classic cybersecurity threats - malware and systems that are tracking voices of dissent and using their own devices as recon tools against them. The two cases cited in this EP are ExileRAT, a trojan delivered via malicious Office docs targeting supporters of the Tibetan government-in-exile; and Karma, a zero-touch toolkit used by at least one nation-state to remotely surveil essentially all the valuable data in their targets’ iPhones. We are going to continue this topic on the next episode as we continue to dig deeper into the idea of privacy as a fundamental human right with a very special guest (hint: it’s Michelle Dennedy) so make sure to catch the next EP as well.
    Full show notes on the Talos Blog

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 48:04

    Keywords
    • talos
    • security
    • privacy
    • karma
    • ExileRAT

  • Episode 45
    2019-01-22

    SoHo Attacks, IoT Devices, and the Cesspool Setting

    Recorded 1/18/19 - We have an extended roundtable today (even more than usual) because we accidentally discussed some relevant security topics in the meantime. Eventually, we move on to talk about recent releases, primarily the Pylocky decryptor and more IoT vulnerabilities. We move on to discuss what’s going on in the SoHo device space, with some specific advice and a lot of rage. This EP closes out discussing the release of Holger’s DDR plug-in (download available) and reminding everyone of the TTRS CFP (closing soon!) Full show notes on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:05:11

    Keywords
    • talos
    • security
    • DDR
    • IoT
    • SoHo
    • TTRS
    • Talos Summit

  • Episode 44
    2019-01-17

    Fun with 2018’s Worst and Talks We Want to Hear

    Recorded 1/7/18 - Most of the EP (after an extended Roundtable - we all had a lot to get out after time off), we look back at the 2018 Year-in-Malware Review -- Olympic Destroyer, VPNFilter, MDM and other unique, large-scale, or otherwise interesting bits of malware that Talos encountered. We also discuss the things we would love to see conference talks about in the new year. Of course, we use that to announce the CFP for Talos Threat Research Summit 2019. If you do defense and want to talk to other defenders, make sure to submit!

    Full show notes on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:18:59

    Keywords
    • talos
    • security
    • malware
    • year-end
    • TTRS
    • Talos Summit

  • Episode 43
    2018-12-14

    Espionage, Encryption, and CISO Square One

    Recorded 12/7/18 - Several of us are under the weather, but the show must go on. We did our best, as always. After running through some recent research, we spend a good bit of this EP looking through the lens of a recent breach at the first things a new security leader should get a handle on - what questions need to be answered? What information and practices are day-1 vital? We wrap up taking a look at a slew of vulns Talos uncovered in secure messaging apps. Full show notes on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:07:53

    Keywords
    • talos
    • security
    • vulnerability
    • encryption
    • CISO
    • secure messaging

  • Episode 42
    2018-11-21

    To the Moon, Everyone!

    Recorded 11/16/18 - Cyber moonshot, baby! It’s just like that time the US raced everyone to the moon, except completely different and in-no-way related! Do we need a “cyber moonshot”? Is the plan that was just released the way to get there? ...and holy crap if Craig didn’t actually prepare for this podcast with notes and everything.
    We genuinely hope that you enjoy our rants over the Thanksgiving holiday break (for our American friends) or just at work like usual for the rest of you that don’t have a four day weekend ahead. We are genuinely grateful for you, listeners, as the entire reason that we get to keep doing this podcast. We enjoy having fun spreading the word on security and calling out excellence where we find it. Full show notes on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:03:05

    Keywords
    • talos
    • security
    • malware
    • moonshot

  • Episode 41
    2018-11-14

    Sex, Money, and Malware

    Recorded 11/9/18 - We tried to make this episode last week, but thanks to some technical difficulties, we ended up calling that one a practice. Here is take two, focused on recent sextortion scams and the pending machine learning apocalypse (hint: it’s neither). We also review why vuln discovery and red teams are the most important line items in your security budget by looking at a recent story where being breached cost dozens of lives. Full show notes on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:08:16

    Keywords
    • talos
    • security
    • sextortion scam
    • machine learning
    • malware
    • red team

  • Episode 40
    2018-10-24

    BWT XL feat. SuperMicro, Giant Patches, and More Mobile Malware

    Recorded 10/19/18 - In celebration of EP40 and hitting over 1 million downloads(!!!), we go XL. This EP is a little long, we go a bit deeper than usual to discuss a few things that are highly unusual - namely, the XL patches dropped by Oracle, and the XL questions surrounding the Bloomberg/SuperMicro story. We also talk about a few mobile threats we have seen and what we have brewing in the mobile threat space. Full show notes available on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:18:37

    Keywords
    • talos
    • security
    • Bloomberg
    • SuperMicro
    • patching
    • mobile malware

  • Episode 39
    2018-10-19

    VB 2018 Rundown and Prevalent Problems with PDF

    Recorded 10/5/18 - Quick chat to get to know this week’s special guests from the Talos Outreach team - Paul Rascagneres, Vanja Svajcer, and Warren Mercer. We discuss everyone’s work being presented at Virus Bulletin, and Paul and Warren being nominated for the Péter Szőr Award. We also cover a lot of vuln discovery work recently released around various PDF software. Full show notes available on the Talos Blog

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guests:
    Warren Mercer@SecurityBeard, Vanja Svajcer@VanjaSvajcer, and Paul Rascagneres@R00tBSD
    Featuring:
    Nigel Houghton@EnglishLFC
    Download
    Run Time: 42:46

    Keywords
    • talos
    • security
    • vulnerability
    • Virus Bulletin
    • PDF

  • Episode 38
    2018-09-28

    More Fun with VPNFilter, Getting Pwnd via Spreadsheet

    Recorded 9/21/18 - The whole crew is back together! On the agenda today - VPNFilter part III, now with more known third stage payloads! As much as we have talked about multi-part posts, you know we wouldn’t post if it wasn’t important (on the blog, that is. That rule obvs doesn’t apply here). We are also releasing a related open source tool - Winbox Protocol Dissector. Finally, we delve into an AV-avoiding DDE and jump off into defense in depth. Full show notes on the Talos blog.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 40:55

    Keywords
    • Talos
    • security
    • podcast
    • VPNFilter
    • Winbox Dissector

  • Episode 37
    2018-09-17

    Snort 3 Beta Uses Multithreading. It’s Super Effective!

    Recorded 9/7/18 - We have Joel back this week (and he is very happy to have himself back), but we lost Matt and we’re still wishing Nigel a speedy recovery from becoming bionic. This EP, we cover the latest findings in Talos MDM research and go over the exciting changes in the newly released Snort 3 beta (your move, Valve.). Bill reprises his role from last week as sentient seat filler that makes good jokes.

    See the full show notes on the Talos blog.

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    William Largent@security_will
    Featuring:
    Craig Williams@security_craig and Joel Esler@JoelEsler
    Download
    Run Time: 43:00

    Keywords
    • Talos
    • security
    • podcast
    • MDM
    • Snort
    • 3 beta

  • Episode 36
    2018-08-30

    There Are Few Shades in the Grey Market

    Recorded 8/24/18 - We’re finally back in the studio after Hacker Summer Camp! Sadly, due to summer vacations and becoming bionic, we are missing Joel and Nigel respectively. We end up discussing most of our topics through the lens of Matt’s frequent Twitter polls. We also find out he bribes followers with free sporks. Craig brings the discussion on the details of Remcos, and we go through some interesting points on the emerging grey markets in security software and vuln disco. The crew closes this episode discussing the hypothetical merits of perfect patching versus perfect visibility.

    Full show notes on the Talos Blog

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    William Largent@security_will
    Featuring:
    Craig Williams@security_craig and Matt Olney@kpyke
    Download
    Run Time: 51:53

    Keywords
    • Talos
    • security
    • podcast
    • Remcos
    • grey market

  • Episode 35
    2018-08-16

    Live from the RiRa at Black Hat

    Recorded 8/8/18 - We decided to broadcast while we were all together at Black Hat - and invited everyone over for lunch and beers. Since we had a room full of people, we made this EP “choose your own podcast” and took topics from the audience. Neil Jenkins from the Cyber Threat Alliance came by to bestow befitting superhero swag on Matt and Adam for their work on VPNFilter. Headlining this event is our very special guest - Dave Bittner from The CyberWire. Full show notes podcast blog post

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Dave Bittner@bittner
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 01:22:27

    Keywords
    • talos
    • security
    • black hat
    • defcon
    • cyberwire
    • cyber threat alliance

  • Episode 34
    2018-07-26

    Click Here to Assign New Mobile Device Owner

    Recorded 7/20/18 - This week, we touch on several topics, but we spend the lion’s share of the EP discussing MDM. We are joined by Aaron Woland and spend a great deal of time discussing how these attacks work and how these attacks happen to users of all devices across platforms. We talk about the differences in how MDM is handled across different OS flavors, and the similarities in how the attacks happen (hint: users ignoring the warnings). Click here for the full show notes on the blog

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Aaron Woland@AaronWoland
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:07:47

    Keywords
    • Talos
    • security
    • podcast
    • MDM
    • vuln discovery

  • Episode 33
    2018-07-15

    Change the Conversation or the People Having It?

    Recorded 7/6/18 - This episode is a bit less technical than most as we take on how the security conversation is happening and who is a part of it. Coincidentally (we promise), that dovetails in with Matt’s contention that everybody just needs to stop acting with unending self-interest. Once again, Craig goes on vacation and all hell breaks loose, giving birth to a new concept in ransomware - Send us Bitcoin or we send Craig to a remote island for a month. Also - we are going to be doing a live EP from Black Hat! Registration link and full show notes available on the Talos blog.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 48:10

    Keywords
    • talos
    • security
    • thanatos
    • community

  • Episode 32
    2018-06-27

    Live from Orlando Pt 2: Take All the Things Off the Internet

    Recorded 6/13/18 - Still live in Orlando, just this time from the lovely lobby bar at the convention center hotel. We are joined by Lurene Grenier to dig a bit deeper on her keynote from TTRS. Lurene is here to give you the offensive view of attacking your network. If you want a hot take on defense from someone who is pure offense, well… buckle up and break out your cord cutting scissors. You are already saying “We can’t do that!” Lurene is telling you that if you decide to take this seriously enough, you can and should.

    Full show notes on the Talos blog

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Lurene Grenier
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 45:42

    Keywords
    • talos
    • security
    • Lurene
    • TTRS
    • segmentation

  • Episode 31
    2018-06-21

    Live from Cisco Live! - VPNFilter Update and Our First Summit Recap

    Recorded 6/12/18 - Special episode for two reasons! To start, we are recording one-take live from CiscoTV Studio B at Cisco Live in Orlando, FL. - which leads to the second reason, there is video of this episode in the show notes blog post! Join us as we cover the VPNFilter update Talos released June 6th and we recap the inaugural Cisco Talos Threat Research Summit. Check out the full show notes
    Ed. Note - This is what no content editing looks like

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:05:26

    Keywords
    • talos
    • VPNFilter
    • Cisco Live
    • Threat Research Summit

  • Episode 30
    2018-05-29

    VPNFilter, the Unfiltered Story

    Recorded 5/25/18 - As you can expect, this EP focuses on VPNFilter. We discuss how we got involved, why Talos made the decision to disclose when we did, and we cover many details of the malware itself. There is a lot of background to this ongoing discussion. Take a peek behind the curtain of the defense against this attack as we cover many different aspects of the malware, the attack, and the mitigation. Show notes on the Talos Blog

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:01:12

    Keywords
    • talos
    • security
    • router security
    • APT
    • VPNFilter
    • VPN Filter

  • Episode 29
    2018-05-17

    This is a PSA: Stop Clicking. There is No Prince.

    Recorded 5/11/18 - First and foremost, we recorded this EP one day before our “birthday”. We want to thank everyone, especially you (the listeners), who have let us do this for the last year racking up over half a million downloads!

    In this EP, we welcome special guest Nick Biasini from Talos Outreach - we set out to talk about several topics, but spend most of our time with Nick around the idea of building a stronger culture of cybersecurity and what it would take to raise the baseline. We are missing Matt this week, and hope he had an amazing time following the DMB tour up to Burlington or whatever he was doing.

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Nick Biasini@InfoSec_Nick
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 56:19

    Keywords
    • talos
    • security
    • security baseline
    • gandcrab
    • mysql multi-master

  • Episode 28
    2018-05-05

    APT, BGP, RCEs, and an Old RAT

    Recorded 4/27/18 - Special guest intro this week from Chippah. We chat about what defines an “APT”, the recent BGP attacks, and the progress of GravityRAT. We also get an update on Vuln Discovery and the spate of recent releases. Matt has specific feelings about USB-C and his new computer.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 51:52

    Keywords
    • talos
    • security
    • router security
    • APT
    • BGP
    • GravityRAT
    • Vuln Disco

  • Episode 27
    2018-04-20

    Smart Install, Vuln Process Realities, and Professional Wrestling

    Recorded 4/13/18 - We just upgraded all our gear, so naturally we had a straight tech meltdown this week and we saved it the best we could. Matt will sound way better next week. Promise. We cover Smart Installer. Again. But that leads down a discussion of security versus convenience that leads to us discussing the process of vuln disclosure - how vendor discussions, release dates, and policies work in the real world. Seriously, we grounded Matt’s computer for misbehaving with the audio.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 51:07

    Keywords
    • Security
    • threat intel
    • smart install
    • vulnerability discovery
    • talos threat summit

  • Episode 26
    2018-04-06

    Talos is Holding a Conference, and the Evolving Battle at the Edge

    Recorded 3/29/18 - Joel is sitting out this week and Bill Largent from the Outreach team fills in. We are pretty sure he was just wrong late trying to live on Joel Mean Time, which is now a GitHub project thanks to Moses (link below). We cover a wide range in this episode, so stay with us! We chat about the Talos Threat Research Summit coming in June, we wonder where the carrots to match the sticks in security are, and the value of finding your own damn vulns. The last part of the show starts with discussing GoScanSSH which ends up being a discussion on the larger battle for the edge.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Matt Olney@kpyke, Nigel Houghton@EnglishLFC, and William Largent@security_will
    Download
    Run Time: 1:04:13

    Keywords
    • talos
    • threat research summit
    • goscanssh
    • security
    • vulnerability research

  • Episode 25
    2018-03-20

    WE’LL DO IT LIVE!!

    Recorded 3/13/18 - LIVE from San Jose, CA.
    First of all - we still have a podcast and jobs, so ostensibly, we did okay hosting the meeting event we talked about last time. There may have even been an award involved, just sayin'. Since we were all in one place together and we didn’t get fired, we decided to do our podcast live after the meeting for an audience. We are joined by Talos Sr. Director Matt Watchinski this episode, discussing such existential questions as “why security?” and more concrete things like nation state vs. cybercriminal actors and their differing motivations. We also discuss router security and network devices as a preferred attack vector for advanced actors. Special bonus: Matt beats perhaps the last laugh out of the dead horse that is Paul Revere himself. #CantBooShowNotes

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Matt Watchinski@KMX2600
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:01:00

    Keywords
    • talos
    • security
    • router security
    • APT
    • cybercriminals
    • LIVE

  • Episode 24
    2018-03-08

    Reflections on DDoS and Bad Authentication Schemes

    Recorded 3/2/18 - Craig is out this week, but the rest of the crew goes through COINHORDER and Memcached and takes a deeper look at authentication and passwords. We cover an overview of reflection attacks and how some password schemes that are meant to protect actually cause harm. We also bid you farewell, since our next episode is supposed to be live after the crew hosts a meeting that stands a not-insignificant chance of getting us all fired. Wish us luck - and send us questions that can make Craig pose to really important Cisco executives.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:02:58

    Keywords
    • talos
    • security
    • malware
    • DDoS
    • memcached
    • authentication

  • Episode 23
    2018-02-23

    Eternal Fauxmance: Attribution Easter Eggs

    Recorded 2/16/18 - This week, Mitch learns about starting a show without Matt with no other plans to control Craig in place. The team discusses Olympic Destroyer and then takes on attribution in light of recent developments with Nyetya. We look at what attribution actually takes and the ease and commonality of planting false flags.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 56:37

    Keywords
    • talos
    • nyetya
    • notpetya
    • olympic destroyer
    • attribution
    • Rob Joyce

  • Episode 22
    2018-02-06

    Forget the ASA, Rob Joyce Favorited Craig’s Tweet

    Recorded 2/2/18 - Guests two EPs in a row! We are joined by Omar Santos from Cisco PSIRT to discuss CVE-2018-0101, the Cisco ASA Remote Code Execution and Denial of Service Vulnerability. See the PSIRT post below for latest updates. We also discuss Crypto miners overtaking ransomware, a Flash 0-day carrying a known ROKRAT payload (huh??), and we couldn’t escape discussing Autosploit because Rob Joyce faved one of Craig’s tweets.

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Omar Santos@santosomar
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:09:53

    Keywords
    • talos
    • security
    • ASA
    • CVE-2018-0101
    • autosploit
    • flash
    • 0-day

  • Episode 21
    2018-01-26

    How to Hire the Best, Attribution Without Apaches is Useless

    It is a packed episode this time! We are joined by Edmund from the Talos Outreach Group to chat about Threat Modeling after we make our way through attribution and Group 123, hipster artisanal patching (hand flipped bits!), and spend a good bit of time talking about how Talos identifies the cream of the crop when we are hiring.

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Edmund Brumaghin
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:07:34

    Keywords
    • talos
    • security
    • malware
    • attribution
    • hiring
    • patching

  • Episode 20
    2018-01-18

    Crypto, Vuln Disco, and the Spectre Meltdown

    This is easily our best podcast of 2018 (so far). The crew discusses the recent spike in crypto-mania sweeping the globe and also goes in-depth on how vulnerability discovery plays a critical role in overall security. Plus, the crew all (shockingly) have different takes on Spectre/Meltdown and Craig decides to up the ante with the killer robots.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:07:07

    Keywords
    • Crypto
    • vulnerability discovery
    • Talos
    • security
    • spectre
    • meltdown

  • Episode 19
    2017-12-29

    The "Best" of Beers with Talos 2017

    Quotes intended, we think you know why. Mitch takes control to present the best of the first (partial) year of the podcast. He covers some of our guests, some of our favorite non-security bits, and a look back at our in-the-moment view of some of the top stories of the year.

    Things you can look forward to: Mitch struggling through sailing solo with bad bits and unnecessary ukulele music, and a not-at-all-contrived apology for permanently deleting the hilarious fallout from an embarrassing faux pas. ...but the clips are really good!

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:00:00

    Keywords
    • talos
    • security
    • malware
    • best of

  • Episode 18
    2017-12-15

    Kitties in My Blockchain, Obfuscating Pronunciations, and Other Security Stuff

    It’s the last full episode of the year! Thanks to you and the diligent work of Matt’s loving mother, the first 17 EPs of Beers with Talos were downloaded over 200,000 times in 2017! To show our gratitude, we are giving you not one, but TWO roundtables this week and even a special bonus rant! Also, Mitch can’t say words good, and Craig reads us stories from the blog!

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:16:25

    Keywords
    • bwt
    • talos
    • obfuscation
    • back to basics
    • cryptokitties

  • Episode 17
    2017-11-21

    Greek Gods, Trojans, and the Spice Girls as Spirit Animals

    Matt hijacks the Roundtable to tell us which Spice Girl each host is, because where else does a PR gimmick from KFC lead? Also, what’s worse than clicking a search result and getting a slideshow listicle? Getting a trojan payload when searching for banking forms (but that is the only thing that is worse - ARE YOU LISTENING BUZZFEED?). We also discuss the misnaming of troll farms and how patching and proper network segmentation are your friends - unlike anyone who publishes clickbait slideshows (STILL LOOKING AT YOU, BUZZFEED).

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 58:50

    Keywords
    • talos
    • security
    • cybersecurity
    • zeus
    • panda
    • patching
    • troll farms
    • spice girls
    • SEO
    • SERP poisoning

  • Episode 16
    2017-11-03

    Strong Copy - Bad Rabbit and the Nyetya Connection

    The crew takes on Apache OpenOffice vulns and when you need one CVE versus one hundred. We spend a lot of time discussing signal to noise ratio and Twitter canaries getting things wrong. Of course, we also discuss Bad Rabbit, its relationship to Nyetya, and why OpenOffice vulns are a worry, even to businesses that are run like hippie communes. As per usual, we mostly just make bad jokes.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 01:15:35

    Keywords
    • strcopy
    • Bad Rabbit
    • Nyetya
    • OpenOffice
    • vulns
    • malware
    • security
    • Talos

  • Episode 15
    2017-10-18

    Landing a Job, Phishing Midstream, and Paul’s IDA Palette

    In this EP, we take on interviewing and finding a job with technical questions and tests (hint: don’t oversell yourself, and make sure your mute button actually works). We also talk about enabling users with security as opposed to hobbling them. When Craig brings up the Google Home Mini beta test issues, he ends up taking a ration over his choices in handling the situation. We also discuss some clever new phishing techniques that insert malware links mid-conversation with a trusted party.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:03:00

    Keywords
    • talos
    • security
    • jobs
    • interviews
    • phishing
    • trustsec
    • malware

  • Episode 14
    2017-10-03

    Ranking Threats and Avoiding Bush League Breach Response

    We haven’t gone around the table and introduced ourselves in some time (about 50k downloads ago), so we take the time we usually complain about things at the top of the show to do that. We have seen a massive amount of “top-tier” threats in the last six months or so. While it might seem like comparing apples and oranges (hint: it is), the crew takes a stab at ranking these recent threats/attacks: CCleaner, Deloitte, Equifax, Nyetya, SEC, Shamoon2, WannaCry. Shockingly, all of us have a different ranking. What’s your list look like? Regarding response: Consistency matters, don’t be clever. We discuss some recent unbelievably boneheaded things we have seen in security response. More importantly, we discuss how you SHOULD respond to an incident. Remember: Complexity kills. Unfortunately, it doesn’t kill thought leaders.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:02:10

    Keywords
    • Security
    • threat intel
    • Talos
    • breach response
    • chippah

  • Episode 13
    2017-09-20

    A Vast CCleanup, Strutting Your Stuff, and the Ex$ploit Economy

    Struts - when to patch and when to patch with a vengeance. In light of the Equifax breach, we discuss how patching can make you live better days, Never look back and say, Could have been me. Naturally, that convo leads into the biggest story of the week around Pwning the Supply Chain - CCleaner, Python, and Nyetya style. Avast made some mistakes, but every tech company is susceptible to supply chain attacks. What can companies do to protect themselves and how can users adopt a stronger security posture in this area? We also talk Ex$ploit Economy - Valuing exploits by supply and demand. Zerodium has an extensive price list; what can we discern about the availability and difficulty of various exploits using basic economics?

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:01:19

    Keywords
    • Security
    • threat intel
    • Equifax
    • struts
    • Avast
    • CCleaner
    • exploits
    • Zerodium
    • Talos

  • Episode 12
    2017-09-14

    IrmaGerd! The Internet Ate Our Podcast

    Matt runs the ship this week in Mitch’s absence. Craig and Nigel are joined by Bill Largent and Joel was… in a meeting? The crew discusses ambulance chasing and crying wolf in the security industry and also what the security press is doing to perpetuate questionable reporting. We also chat at length about what exactly goes into vulnerability discovery, chaining exploits, and the months of work to get to those “12 seconds” of glory at Pwn2Own.

    Did we mention the internet ate our attempted episode last week? Sorry about that. We do our best to make up for missing a week this time. But man, that was a great episode you missed…

    Hosted By:
    Matt Olney@kpyke
    Special Guest:
    William Largent@security_will
    Featuring:
    Craig Williams@security_craig and Nigel Houghton@EnglishLFC
    Download
    Run Time: 57:00

    Keywords
    • Security
    • threat intel
    • media
    • exploits
    • vulnerability discovery

  • Episode 11
    2017-08-29

    This is How the Internet Ends, Not with a Whimper but with Cyber Mercenaries

    Off the top: Better late than never? On top of being distributed all around the planet this week, we had some technical issues with our recording platform. Matt’s audio remained a challenge; it is rough this week. Bear with us, the audio quality will be back to what you have come to expect next episode. If you would like to speak to the manager, please hold. The last several years have seen a continuing surge in booters, DDOS, and combined exploit campaigns for-hire coming out of Asia and other regions. What does this tell us about the continued “professionalization” of the cyber criminal enterprise? We also discuss “hacking back” - some say it should be legal. Most people who know what they are talking about seem to think otherwise.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:02:00

    Keywords
    • talos
    • security
    • hacking back
    • DDOS
    • booters
    • combined exploits

  • Episode 10
    2017-08-08

    Being FIRST and Conveying Doubt (That It’s a Conference Hangover)

    The BlackHat/DEFCON recovery episode. This one may be a touch rough, with some great gems. We discuss why music in 1994 was so terrible, including a BWT rendition of some classic Ace of Bass. The FIRST tool is discussed in some detail, including how using our IDA Pro plug-in saves time and reduces duplication of effort. A vital topic in this EP is Matt’s post “On Conveying Doubt”: how can intel professionals couch our findings in the appropriate amount of certainty?

    We discuss Warren’s amazing shorts ad nauseam (thanks Sammi for the submission!!) and also talk about ClamAV 0.99.3 release and what you’ll find inside.

    Main topic - what is the value in the mega-cons? Are they getting too big? Has the value increased, decreased, or just changed with growth?

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 58:16

    Keywords
    • Security
    • threat intel
    • BlackHat
    • DEFCON
    • FIRST
    • Conveying Doubt

  • Episode 9
    2017-07-24

    The Doctor is In, Just in Time for Vegas

    This is a special episode: we are joined by long-time friend of Talos, Dr. Adam J. O’Donnell, PhD. Adam is the founder/co-founder of many amazing technologies, including Immunet, and has created the core technologies of many tools on the frontlines of cyber warfare. He gives us a candid look at his process in building security technologies, his interest in the arts, and why you should let him know about any heart conditions before going out for the evening.

    This is our last podcast before BlackHat and DEFCON as well - we have some great info on how to catch Talos at Security Summer Camp 2017 as well as a preview of the winning submission of the #ShortsForWarren competition. Poor, poor Warren. He made a bad decision letting us do this.

    Craig and Joel split time in this episode, because Joel had meetings and Craig was having a BBQ he didn’t invite us to.

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Adam J O’Donnell@adamjodonnell
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 59:17

    Keywords
    • Security
    • threat intel
    • Immunet
    • AMP
    • BlackHat
    • DEFCON
    • Adam J. O'Donnell

  • Episode 8
    2017-07-10

    We'll Make Great Pet(ya)s

    Nyetya, NotPetya, PetrWrap, ExPetr, whatever you want to call it - although Nyetya is clearly the most clever name, not that Warren and I came up with it or anything - has wreaked havoc on the Ukraine and multinational companies doing business there. This episode takes a deep look at the threat, the vectors used, and how it worked. We also discuss how organizations can protect themselves from this and similar threats that we will likely see in the future.

    Feedback question: Send us links to the shorts Warren (@SecurityBeard) should wear to the Talos party at BlackHat. If we pick your submission, we will send you a Talos loot drop! Tweet us @TalosSecurity #Shorts4Warren or email beerswithtalos@cisco.com

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:03:30

    Keywords
    • Security
    • threat intel
    • Petya
    • NotPetya
    • Nyetya
    • MeDoc
    • Ukraine

  • Episode 7
    2017-06-28

    This Podcast is Clearly Fake News

    Special guest and Talos team member Sean Baird comes by to discuss the Fake News Challenge - and the Talos team, Solat in the Swen, taking first place in stage 1. Nigel displays a disturbing lack of faith in Python. Joel and Matthew both provide an insane amount of valuable commentary compared to previous episodes. The part of Matthew Olney is being played by Kate Nolan. Joel Esler is being played by Dave Maynor.

    Feedback question: Why should we let Joel back on the podcast? Tweet us @TalosSecurity

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Sean Baird
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:00:45

    Keywords
    • talos
    • security
    • malware
    • fake news
    • IoT vulnerability

  • Episode 6
    2017-06-13

    Enter the Talos, But Please Use a Unique Password

    The team discusses how to get into threat intel and join a team like Talos. There are many routes to enter the Talos, but no exits. Seriously, they won’t let me leave. Passwords, vaults, and other access controls are discussed more in-depth as well.
    Mitch opens the show discussing poor life choices like drinking with folks from Norn Iron, Nigel divulges details of his life-long obsession with men in shorts, Matt forces his team to endure war games in suburban Baltimore, Joel threatens to have a mental breakdown over buzzwords, and Craig turns his roundtable segment into a full topic...shocking, I know. Feedback question: What SHOULD Nigel be tweeting? Tweet us @TalosSecurity, use #BWT or email us BeerswithTalos@cisco.com.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 01:00:13

    Keywords
    • Security
    • threat intel
    • research
    • password
    • passphrase
    • password manager
    • hiring

  • Episode 5
    2017-05-30

    It Has Been 0-days Since this Term was Abused

    The crew talks about the potential of Samba echoing WannaCry and blocking SMB ports (but you already did that, RIGHT?). Also, get a history lesson and proper usage guidance on words like 0-day, backdoor, and other terms that the industry loves to hype and abuse for extra clicks.

    Feedback question: What is stuck in Joel’s head? Tweet us @TalosSecurity or email us BeerswithTalos@cisco.com

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 45:40

    Keywords
    • Security
    • threat intel
    • WannaCry
    • 0-day
    • Samba
    • backdoor

  • Episode 4
    2017-05-17

    OMG I Just WannaCry

    Friday May 12 brought us the WannaCry/wcrypt ransomware worm. In this podcast dedicated entirely to WannaCry, Craig, Joel and Mitch are joined by Matt Olney, head of the threat intelligence group at Talos, and Warren Mercer, Talos Tech Lead. We discuss what we know so far and what we can expect to see in the near future.

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Warren Mercer@SecurityBeard
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 43:19

    Keywords
    • WannaCry
    • wcrypt
    • ransomware
    • worm
    • shadow brokers

  • Episode 3
    2017-05-12

    FCC SNAFU, ROKRAT, FUD, and Other Fun Acronyms (OFAs)

    Discussion around what's real and what's not with recent FCC decisions, FUD in the security press, ROKRAT hitting selected targets in South Korea, and if software itself can be illegal. Bonus topic: Mayor Joel was once a real thing.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 37:37

    Keywords
    • Security
    • threat intel
    • FCC
    • RAT
    • vuln dev
    • malware

  • Episode 2
    2017-05-12

    Necurs (Predictably) Returns, Video Games are a Gateway Hack

    Craig, Nigel, Joel and Mitch discuss spam resurgence via Necurs waking up, vuln dev in niche spaces, Crypt010cker, and hacking video games as a gateway drug for researchers.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 19:07

    Keywords
    • Security
    • Threat intel
    • necurs
    • spam
    • cryptolocker
    • malware

  • Episode 1
    2017-05-12

    If You Must Break the IoT, Please Do It Responsibly

    Four guys from Talos talking about breaking IoT, responsible vulnerability disclosure, and finding new malware...written in Go.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 29:31

    Keywords
    • Security
    • threat intel
    • malware
    • IoT
    • vulnerability development