Listen to Talos security experts as they dive into emerging threats, forcing the bad guys to innovate, hacking refrigerators, and other security issues, all with beer.

  • Beers With Talos : Episode 17
    2017-11-21

    Greek Gods, Trojans, and the Spice Girls as Spirit Animals

    Matt hijacks the Roundtable to tell us which Spice Girl each host is, because where else does a PR gimmick from KFC lead? Also, what’s worse than clicking a search result and getting a slideshow listicle? Getting a trojan payload when searching for banking forms (but that is the only thing that is worse - ARE YOU LISTENING BUZZFEED?). We also discuss the misnaming of troll farms and how patching and proper network segmentation are your friends - unlike anyone who publishes clickbait slideshows - STILL LOOKING AT YOU, BUZZFEED)

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 58:50

    Keywords
    • talos
    • security
    • cybersecurity
    • zeus
    • panda
    • patching
    • troll farms
    • spice girls
    • SEO
    • SERP poisoning

  • Beers With Talos : Episode 16
    2017-11-03

    Strong Copy - Bad Rabbit and the Nyetya Connection

    The crew takes on Apache OpenOffice vulns and when you need one CVE versus one hundred. We spend a lot of time discussing signal to noise ratio and Twitter canaries getting things wrong. Of course, we also discuss Bad Rabbit, its relationship to Nyetya, and why OpenOffice vulns are a worry, even to businesses that are run like hippie communes. As per usual, we mostly just make bad jokes.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 01:15:35

    Keywords
    • strcopy
    • Bad Rabbit
    • Nyetya
    • OpenOffice
    • vulns
    • malware
    • security
    • Talos

  • Beers With Talos : Episode 15
    2017-10-18

    Landing a Job, Phishing Midstream, and Paul’s IDA Palette

    In this EP, we take on interviewing and finding a job with technical questions and tests (hint: don’t oversell yourself, and make sure your mute button actually works). We also talk about enabling users with security as opposed to hobbling them. When Craig brings up the Google Home Mini beta test issues, he ends up taking a ration over his choices in handling the situation. We also discuss some clever new phishing techniques that insert malware links mid-conversation with a trusted party.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:03:00

    Keywords
    • talos
    • security
    • jobs
    • interviews
    • phishing
    • trustsec
    • malware

  • Beers With Talos : Episode 14
    2017-10-03

    Ranking Threats and Avoiding Bush League Breach Response

    We haven’t gone around the table and introduced ourselves in some time (about 50k downloads ago), so we take the time we usually complain about things at the top of the show to do that. We have seen a massive amount of “top-tier” threats in the last six months or so. While it might seem like comparing apples and oranges (hint: it is), the crew takes a stab at ranking these recent threats/attacks: CCleaner, Deloitte, Equifax, Nyetya, SEC, Shamoon2, WannaCry. Shockingly, all of us have a different ranking. What’s your list look like? Regarding response: Consistency matters, don’t be clever. We discuss some recent unbelievably boneheaded things we have seen in security response. More importantly, we discuss how you SHOULD respond to an incident. Remember: Complexity kills. Unfortunately, it doesn’t kill thought leaders

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:02:10

    Keywords
    • Security
    • threat intel
    • Talos
    • breach response
    • chippah

  • Beers With Talos : Episode 13
    2017-09-20

    A Vast CCleanup, Strutting Your Stuff, and the Ex$ploit Economy

    Struts - when to patch and when to patch with a vengeance. In light of the Equifax breach, we discuss how patching can make you live better days, Never look back and say, Could have been me. Naturally, that covo leads into the biggest story of the week around Pwning the Supply Chain - CCleaner, Python, and Nyetya style. Avast made some mistakes, but every tech company is susceptible to supply chain attacks. What can companies do to protect themselves and how can users adopt a stronger security posture in this area? We also talk Ex$ploit Economy - Valuing exploits by supply and demand. Zerodium has an extensive price list, what can we discern about the availability and difficulty of various exploits using basic economics?

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:01:19

    Keywords
    • Security
    • threat intel
    • Equifax
    • struts
    • Avast
    • CCleaner
    • exploits
    • Zerodium
    • Talos

  • Beers With Talos : Episode 12
    2017-09-14

    IrmaGerd! The Internet Ate Our Podcast

    Matt runs the ship this week in Mitch’s absence. Craig and Nigel are joined by Bill Largent and Joel was… in a meeting? The crew discusses ambulance chasing and crying wolf in the security industry and also what the security press is doing to perpetuate questionable reporting. We also chat at length about what exactly goes into vulnerability discovery, chaining exploits, and the months of work to get to those “12 seconds” of glory at Pwn2Own.

    Did we mention the internet ate our attempted episode last week? Sorry about that. We do our best to make up for missing a week this time. But man, that was a great episode you missed…

    Hosted By:
    Matt Olney@kpyke
    Special Guest:
    William Largent@security_will
    Featuring:
    Craig Williams@security_craig and Nigel Houghton@EnglishLFC
    Download
    Run Time: 57:00

    Keywords
    • Security
    • threat intel
    • media
    • exploits
    • vulnerability discovery

  • Beers With Talos : Episode 11
    2017-08-29

    This is How the Internet Ends, Not with a Whimper but with Cyber Mercenaries

    Off the top: Better late than never? On top of being distributed all around the planet this week, we had some technical issues with our recording platform. Matt’s audio remained a challenge; it is rough this week. Bear with us, the audio quality will be back to what you have come to expect next episode. If you would like to speak to the manager, please hold. The last several years have seen a continuing surge in booters, DDOS, and combined exploit campaigns for-hire coming out of Asia and other regions. What does this tell us about the continued “professionalization” of the cyber criminal enterprise? We also discuss “hacking back” - some say it should be legal. Most people who know what they are talking about seem to think otherwise.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:02:00

    Keywords
    • talos
    • security
    • hacking back
    • DDOS
    • booters
    • combined exploits

  • Beers With Talos : Episode 10
    2017-08-08

    Being FIRST and Conveying Doubt (That It’s a Conference Hangover)

    The BlackHat/DEFCON recovery episode. This one may be a touch rough, with some great gems. We discuss why music in 1994 was so terrible, including a BWT rendition of some classic Ace of Bass. The FIRST tool is discussed in some detail, how using our IDA Pro plug-in saves time a reduces duplication of effort. A vital topic in this EP is Matt’s post “On Conveying Doubt” how can intel professionals couch our findings in the appropriate amount of certainty.

    We discuss Warren’s amazing shorts ad nauseam (thanks Sammi for the submission!!) and also talk about ClamAV 0.99.3 release and what you’ll find inside.

    Main topic - what is the value in the mega-cons? Are they getting too big? Has the value increased, decreased, or just changed with growth?

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 58:16

    Keywords
    • Security
    • threat intel
    • BlackHat
    • DEFCON
    • FIRST
    • Conveying Doubt

  • Beers With Talos : Episode 9
    2017-07-24

    The Doctor is In, Just in Time for Vegas

    This is a special episode, we are joined by long-time friend of Talos, Dr. Adam J. O’Donnell, PhD. Adam is the founder/co-founder of many amazing technologies, including Immunet and had created the core technologies of many tools on the frontlines of cybe rwarfare. He gives us a candid look at his process in building security technologies, his interest in the arts, and why you should let him know about any heart conditions before going out for the evening.

    This is our last podcast before BlackHat and DEFCON as well - we have some great info on how to get catch Talos at Security Summer Camp 2017 as well a preview of the winning submission of the #ShortsForWarren competition. Poor, poor Warren. He made a bad decision letting us do this.

    Craig and Joel split time in this episode, because Joel had meetings and Craig was having a BBQ he didn’t invite us to.

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Adam J O’Donnell@adamjodonnell
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 59:17

    Keywords
    • Security
    • threat intel
    • Immunet
    • AMP
    • BlackHat
    • DEFCON
    • Adam J. O'Donnell

  • Beers With Talos : Episode 8
    2017-07-10

    We'll Make Great Pet(ya)s

    Nyetya, NotPetya, PetrWrap, ExPetr, whatever you want to call it - although Nyetya is clearly the most clever name, not that Warren and I came up with it or anything - has wrecked havoc on the Ukraine and multinational companies doing business there. This episode takes a deep look at the threat, the vectors used, and how it worked. We also discuss how organizations can protect themselves from this and similar threats that we will likely see in the future.

    Feedback question: Send us links to the shorts Warren (@SecurityBeard) should wear the to Talos party at BlackHat. If we pick your submission, we will send you a Talos loot drop! Tweet us @TalosSecurity #Shorts4Warren or email beerswithtalos@cisco.com

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:03:30

    Keywords
    • Security
    • threat intel
    • Petya
    • NotPetya
    • Nyetya
    • MeDoc
    • Ukraine

  • Beers With Talos : Episode 7
    2017-06-28

    This Podcast is Clearly Fake News

    Special guest and Talos team member Sean Baird comes by to discuss the Fake News Challenge - and the Talos team, Solat in the Swen, taking first place in stage 1. Nigel displays a disturbing lack of faith in Python. Joel and Matthew both provide an insane amount of valuable commentary compared to previous episodes. The part of Matthew Olney is being played by Kate Nolan. Joel Esler is being played by Dave Maynor.

    Feedback question: Why should we let Joel back on the podcast? Tweet us @TalosSecurity

    Hosted By:
    Mitch Neff@MitchNeff
    Special Guest:
    Sean Baird
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 1:00:45

    Keywords
    • talos
    • security
    • malware
    • fake news
    • IoT vulnerability

  • Beers With Talos : Episode 6
    2017-06-13

    Enter the Talos, But Please Use a Unique Password

    The team discusses how to get into threat intel and join a team like Talos. There are many routes to enter the Talos, but no exits. Seriously, they won’t let me leave. Passwords, vaults, and other access controls are discussed more in-depth as well.
    Mitch opens the show discussing poor life choices like drinking with folks from Norn Iron, Nigel divulges details of his life-long obsession with men in shorts, Matt forces his team to endure war games in suburban Baltimore, Joel threatens to have a mental breakdown over buzzwords, and Craig turns his roundtable segment into a full topic…shocking, I know. Feedback question: What SHOULD Nigel be tweeting? Tweet us @TalosSecurity, use #BWT or email us BeerswithTalos@cisco.com.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 01:00:13

    Keywords
    • Security
    • threat intel
    • research
    • password
    • passphrase
    • password manager
    • hiring

  • Beers With Talos : Episode 5
    2017-05-30

    It Has Been 0-days Since this Term was Abused

    The crew talks about the potential of Samba echoing WannaCry and blocking SMB ports (but you already did that, RIGHT?). Also, get a history lesson and proper usage guidance on words like 0-day, backdoor, and other terms that the industry loves to hype and abuse for extra clicks.

    Feedback question: What is stuck in Joel’s head? Tweet us @TalosSecurity or email us BeerswithTalos@cisco.com

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 45:40

    Keywords
    • Security
    • threat intel
    • WannaCry
    • 0-day
    • Samba
    • backdoor

  • Beers With Talos : Episode 4
    2017-05-17

    OMG I Just WannaCry

    Friday May 12 brought us the WannaCry/wcrypt ransomware worm. In this podcast dedicated entirely to WannaCry, Craig, Joel and Mitch are joined by Matt Olney, head of the threat intelligence group at Talos, and Warren Mercer, Talos Tech Lead. We discuss what we know so far and what we can expect to see in the near future.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, Matt Olney@kpyke, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 43:19

    Keywords
    • WannaCry
    • wcrypt
    • ransomware
    • worm
    • shadow brokers

  • Beers With Talos : Episode 3
    2017-05-12

    FCC SNAFU, ROKRAT, FUD, and Other Fun Acronyms (OFAs)

    Discussion around what’s real and what’s not with recent FCC decisions, FUD in the security press, ROKRAT hitting selected targets in South Korea, and if software itself can be illegal. Bonus topic: Mayor Joel was once a real thing.

    Hosted By:
    Mitch Neff@MitchNeff
    Featuring:
    Craig Williams@security_craig, Joel Esler@JoelEsler, and Nigel Houghton@EnglishLFC
    Download
    Run Time: 37:37

    Keywords
    • Security
    • threat intel
    • FCC
    • RAT
    • vuln dev
    • malware