Power grid security expert Joe Marshall joins the crew today to talk all things, well, power grid security. But not before he gets an impromptu pop quiz from Matt in the roundtable. Joe then tells some stories from his days working in electric utility,  deploying new systems and his experiences with pentesting teams ("Wow, y'all need to stop!"). Plus, the team ask Joe about  the risks with both aging infrastructure versus newer, smarter based infrastructure. And what happens when threat...

Matt, Mitch and Lurene discuss if the internet is better or worse today than it was 20 years ago.  This leads them to discuss their various career paths, with Lurene talking about how she got into vulnerability exploitation and how Matt got into threat intelligence. And why neither of those paths would be recommended today. Lurene and Matt then clash about threat research and and the importance of approaching things from a "how do I be a problem" perspective.

You will no doubt have seen the advisories published over the last few weeks concerning Volt Typhoon's malicious activities. In this episode, JJ Cummings joins the crew to discuss the background to this threat actor, their impact on the threat landscape, and the covertly strategic (and specific) nature of their operations. The team also discusses their recommendations for defenders, particularly for critical infrastructure organizations. The CISA statement on Volt Typhoon can be found here...

Matt, Mitch and Lurene sit down to discuss “random stuff from Reddit” (don’t be put off – they’re all genuinely interesting security questions!). Topics range from password managers and how password security guidance has become outdated, how to ‘self-learn’ in cybersecurity, and thoughtful approaches towards security incidents.  Before that, the team comes up with a prank to pull on their co-workers and bring some joy and chaos to Webex meetings. And Lurene reflects on what advice she would...

Mitch, Matt and Lurene were almost about to be in the same physical space at the same time to record an episode, and then Lurene couldn't make it...so we made this instead! Mitch is joined by Azim Khodjibaev from the Talos Threat Intelligence and Interdiction team to rapid-fire interview a bunch of Talos employees who happened to be around the Maryland office. Hear from teammates from all walks of life and areas of expertise about what they've loved working on in 2023 and how they feel their...

We recorded this episode AFTER Thanksgiving, so you'll need to forgive us for the amount of Thanksgiving talk that doesn't actually apply until Thanksgiving 2024. It all evens out in the end because the annual "Ranksgiving" from special guest David Liebenberg results in the creation of TurkeyLurkey Man. Then, TurkeyLurkey Man helps the rest of the gang recap the top malware and attacker trends from 2023. If you'd like to read more, download the full Talos Year in Review report here. We also...

It's that time of the quarter again when we sit down to look at what we learned over the past three months. Caitlin Huey from the Talos Threat Interdiction Team joins the show for this special look at the latest Talos Incident Response Quarterly Trends report. Caitlin's team helps compile these reports and digs through mountains of data to find out what defenders can learn from what Talos IR is seeing live in the field. If you want to learn more about this report, you can read it on our blog,...

This episode of Beers with Talos has a very special guest: Our old friend Nigel Houghton. He's one of the OG BWTers and is back with two-plus years' worth of hot takes to get off his chest. Nigel starts out by delivering his long-awaited update on his beloved Mighty Red. But he, Mitch, Matt and Lurene do eventually get to cybersecurity talk, including things like: The challenge of keeping mountains of cybersecurity data and sharing it with partners.The importance of context around that data...

We know we're like two weeks late to the Barbie party, but the whole Beers with Talos crew has seen it now so we had to talk about it. Expect a lot of "Barbie" talk up at the top. After that, though, we dive into how to set up deception systems and establish your environment to make it harder for an intruder to get in. The goal here is to make it so that attackers have to waste time and resources trying to get in but ultimately come away empty-handed. We talk about why this is important for...

In this special episode, Matt is flying solo while he interviews Rachel Tobac, the CEO of SocialProof Security. Rachel's company helps individuals and companies keep their data safe by offering various training and penetration testing opportunities, all related to social engineering attacks and risks. Ahead of BlackHat and DEFCON, Matt wanted to talk to Rachel because they first met at DEFCON a few years ago, where she was a second-place finisher in the Social Engineering Capture the Flag...

The Beers with Talos Crew is back to a team of four this week, with special guest Nick Biasini joining the show to talk about Mercenary Groups and the spyware they're creating. This episode, we talk about the current spyware landscape, and how it encompasses "mercenary" groups like the NSO Group and Intellexa, and state-sponsored actors looking to track high-profile targets. Nick's team recently published multiple pieces about this topic and they are actively researching spyware. If listeners...

Mitch was out for this recording, so Hazel Burton, the newest addition to Team Talos, stepped in to host this episode! She, Lurene and Matt got together for Mental Health Awareness Month and share stories and advice with one another. Cybersecurity is a notoriously rough field for burnout and an imbalance between work and life, so they share some tips they use to decompress after a long day and how they ignore their inner critics. 

Our second of two episodes recorded live at the RSA Conference, Mitch and Lurene are joined by Nick Biasini from Talos Outreach and AJ Shipley, a vice president of product management for Cisco Secure. The four of them recap Nick and AJ's talk they gave at RSA and discuss the centralization of cybersecurity. AJ shares some important insights about the product side of cybersecurity, and how everyone in the space needs to be better focused on stopping the bad guys versus competing against one...

This is the first of two episodes we have coming out that we recorded live at the RSA Conference. In this edition of Beers with Talos, we welcome Mick Baccio, a security strategist for Splunk, to talk about all things RSA. At this point in the week, we had hit the halfway point of RSA and were pretty tired already, so bear with us — don't expect any hardcore security takes here. That being said, we do gather 'round to share stories, and reflect on RSA and the security community as a whole....

This episode discusses network resilience, hardware hygiene, and the recently disclosed Jaguar Tooth campaign. J.J. joins the show and the usual cast to discuss the recent attacks against out-of-date and unpatched wireless routers from sophisticated, state-sponsored actors. J.J., Matt and Lurene detail the research around these campaigns and advice for anyone to improve their network hygiene. If you'd like to talk to the BWT crew more about this topic, they'll be at RSA this week with two...

Everyone fears the dreaded 10-out-of-10 CVSS severity score on a vulnerability with "critical" written somewhere on the advisory. But does that number even matter to an attacker or hypothetical defender? Matt, Mitch and Lurene discuss the various ways the security community classifies vulnerabilities and how potential targets can use that information to their advantage. They discuss patching strategies, potential security holes that attackers look for and real-world cases of vulnerabilities...

(Recorded Jan. 27, 2023) No Matt this episode, so we have two guests in the rotating chair(s): Nick Biasini and David Liebenberg. Lurene, Mitch and our two esteemed companions talk about the human problem of ransomware. Lurene says getting rid of email altogether is the best option — but since that doesn't seem likely anytime soon, what are some other options for enterprises and companies to avoid being hit with the latest phishing scam?  Other suggested talking points: Wawa vs. SheetzWhy...

With this episode, we set out to discuss the first annual Cisco Talos Year in Review report - a look back at the major threats, trends, and topics from 2022 and what we should take forward into 2023.   Our guest Dave Liebenberg runs the team behind this report and joins us to discuss *why* his team undertook this effort, and some of the finer points of the report findings.  The Year in Review is broken down into four major parts, and Talos will be releasing "topic focus reports" to zoom in on...

We are (finally) talking about the recent OpenSSL vulnerability as we had to redo this EP.  In our infinite podcasting wisdom, we took a stab at it roughly 2 hours before the embargo expired and coverage was released - which is obviously is a very silly idea in hindsight. After we cover the current issue at hand, Lurene leads us through the surface levels of how vulns can be exploited in the heap or stack, and the different perspective and processes in practice by offensive security...

Mitch was trying to preserve his voice, so Matt is driving the bus during this episode — hang on! In this edition, we're talking about script kiddies (unfortunately, not "kitties.") These are basically adversaries with an extreme base level of computer knowledge who use basic scripts to carry out cyber attacks. How can we avoid these attacks, even if they'll look like benign activity in your environment? 

At the onset of Russia's invasion of Ukraine, many experts and government officials expected there to be two fronts of the war — one on the ground in Ukraine and one in cyberspace. But all things considered, we haven't seen as much offensive cyber warfare come from either side of this conflict this year. J.J. Cummings from Talos Threat Intelligence and Interdiction joins the show again to share his experience from working hands-on with networks in Ukraine. He, Lurene, Mitch and Matt discuss...

We're excited to add to the growing Beers with Talos family with the addition of Lurene Grenier to the squad. Lurene joins her first episode and hits the ground running talking about her current role within Talos. She, Mitch and Matt talk about the major differences between exploit development and vulnerability discovery, and how Lurene started her career in exploit development. While exploit development might sound like the stereotypical thing a "basement hacker" does, it's actually very...

We’re all still pretty exhausted from our work in Ukraine. But that hasn’t slowed down any of the threat actors, unfortunately. So we enlisted special guest Nick Biasini to dive into the BlackCat ransomware group to discuss how it potentially is or isn’t connected to BlackMatter/DarkSide. These ransomware-as-a-service groups surprisingly run like regular companies, and even have the same problems with employee retention! Plus, Matt and Liz provide updates on their work in helping to defend...

(Uploaded again, this time with the correct music!) The OG Beers with Talos folks are dropping like flies, because now we also have to say goodbye to Joel! We know this has been quite the roller coaster for listeners, but we appreciate you all sticking with us through all these changes. We take some time in Joel’s farewell to discuss “Rent,” as only BWT could, and burnout in cybersecurity.