Log4j was a big enough deal that we finally decided to host a live show. Mitch, Matt, Liz and special guest JJ Cummings from our Threat Intel team got together to update everyone on where things stand with this critical vulnerabilities. It’s not all doom and gloom though, Matt at least brought some memes!

[Re-uploaded to fix an audio gap.] Yes, we’ve been sitting on this one for a while. But it’s worth it, we promise! We wanted to wait until we had more news to share, so it’s finally time to announce that Craig has left us. We will absolutely miss Craig, but look forward to the next act of Beers with Talos now that 2/5ths of the original crew is gone. We take the time to reminisce with Craig about his time at Talos and talk about this new trend of “bandwidth-sharing” applications. Stay tuned...

Most of the Beers with Talos folks are refreshed after a summer vacation. But don’t assume that means they actually prepared for this episode. This is more of a free-flowing episode, where we discuss cyber conflict between nations — one of the many things that keep Matt up at night. They go back and forth discussing what a “cyber war” could actually look like, and what crosses the line into conflict versus traditional “hacktivism.”

Summer hacking, happened so fast…. We’ve been trying to enjoy our summer, but supply chain attacks just had to go and ruin the fun. So Mitch got back from fishing and decided to pull the guys together to discuss the Kaseya supply chain attack. We cover this major event BWT-style, and talk phony patches, mitigation strategies, and unsolicited advice for Kaseya’s CISO. For more, you can also watch our recent live stream with Nick Biasini covering everything you need to know about this...

This was admittedly a tough one to record. In the middle of us trying to respond to the situation in Ukraine, we felt it was important to let our listeners in a bit. Matt, JJ and Liz discuss the work they and their teams are doing in Ukraine to protect critical systems there and keep users online. We also talk about the human side of things, and why it’s important for folks in cybersecurity to think about self care during this time. If you want to stay up to date on Talos’ work in Ukraine...

We recorded this special episode live and actually in person last week at the RSA Conference, and we have a special treat for the listeners. The ever-elusive Matt Watchinski, Talos’ fearless leader, joins the show. We mainly spend some time talking about Talos’ work defending Ukraine during the invasion of Russia. Tomorrow, be on the lookout for a more laid-back podcast in the Security Stories feed, because the BWT crew stuck around to record a special episode with them, too.

Our rotation of special guests continues on with Nate Pors from Talos Incident Response. Nate has been following several different attacks in which attackers bypassed multi-factor authentication with “prompt bombing” and other techniques. The crew discusses what the security community can do to make MFA safer and how to improve user education about using the technology. Plus, Matt gets an opportunity to eat some humble pie regarding the FBI and the removal of wireless router malware, so...

We’re dropping two episodes today. This is undoubtedly the less serious of the two, as it was recorded prior to the invasion of Ukraine. Check out Ep. #118 for more on that situation. In this episode, though, we got to talk about Talos’ involvement at the Super Bowl. Mitch welcomes on Brett Ellis, who was at SoFi Stadium in Los Angeles to help defend “The Big Game,” of Talos Incident Response to discuss his experience. He, JJ and Liz talk about what goes into securing these major global...

We wanted to start off the new year by reflecting on 2021 with Talos Incident Response. The one thing many cyber attacks had in common? People. There are issues that arise any time humans are involved, whether it’s being tempted by a phish or someone making simple human errors. So, Matt, Mitch and Liz discuss how logs are crucial during the worst-case scenario and look at how to remove human error as much as possible from the equation. Outside of initial infection vectors, there are...

This is our first episode sans-Craig, but we didn’t wait long to find his replacement! Tune in as we add a new host to the crew. Then, we talk about drama on the ransomware landscape among as-a-service groups. Please note, we recorded this episode before everything dropped on Log4J. We are recording an emergency episode as we speak on this and will be releasing it later this week.

We mainly spend this episode doing some catching up because it’s been a while since we recorded. But on the actual, helpful, front, we discuss a recently released list of the vulnerabilities that are most often exploited in the wild, according to the U.S. Cybersecurity and Infrastructure Security Agency. It’s particularly interesting to compare the lists from 2020 and 2021 to see how threat actors have changed up their tactics and parse through all the information to tell you what you need...

You’re not going to believe this, but everyone actually agreed on something in this episode. And no, it’s not regarding the best flavor of beef jerky. In this episode, we discuss a new category of threat actors that we’re choosing to call privateers. The guys discuss why this classification is much needed in the security community, the previous research on this topic, and the ways private security firms can partner with public intelligence agencies to protect against this type of threat. You...

Recorded May 11, 2020 – Craig wins MVP of the podcast for his attempts to avoid discussing… something. Anyway, we went a little long on this podcast, but stick with us as we wind through the recent Executive Order on cybersecurity, and then discuss another… interesting take on how we should then combat these new threats. I feel almost obligated to let you know before you listen, it’s a letter of marque take, and oddly, we all agreed on something.Full show notes on the Talos blog

Most people would expect us to approach the Winter Olympics from a security perspective. Why are athletes using burner phones? Are we worried about any state-sponsored attacks? Not this year, folks! Instead, we rank each country’s curling uniforms, discuss the origins of ski jumping and debate which events would be the most difficult to compete in. On the actual cybersecurity front, we did carve out some time to discuss two state-sponsored threat actors Talos has written about recently:...

We’ve all heard that popular refrain by now: “Well I have nothing to hide so I don’t care if the government sees my data.” This week, we tell these people they are completely wrong. Ashlee Benge joins the show to discuss her upcoming BlackHat talk on the types of data and personal information health apps track. This has taken on special importance in the overturning of Roe vs. Wade in the U.S, making many forms of abortion illegal in many states. Ashlee talks about how women’s health apps may...

Re-uploaded on July 22, 2022 to fix audio issues — We’re back from RSA, Cisco Live and COVID breaks (yes, those things are all absolutely related). Paul Eubanks joins the show to talk about his recent blog post on unmasking ransomware actors on the dark web. He’ll go over several different tactics he and his team use to remove actors’ anonymity that’s so important when actors are working on these websites. Liz provides her take on this from an Incident Response perspective, and Matt...

We wanted to prep for the RSA/Cisco Live stretch of June by looking back on security conferences past. Mitch, Matt and Liz got together to talk about their best and worst conference memories. Plus, Mitch has an overview of everything Talos is doing at RSA and Cisco Live, including a LIVE episode of Beers with Talos next week at RSA. There is a little security talk at least, as we also cover the latest goings on between the Conti ransomware group and Costa Rica’s government.

We’re back from RSA, Cisco Live and COVID breaks (yes, those things are all absolutely related). Paul Eubanks joins the show to talk about his recent blog post on unmasking ransomware actors on the dark web. He’ll go over several different tactics he and his team use to remove actors’ anonymity that’s so important when actors are working on these websites. Liz provides her take on this from an Incident Response perspective, and Matt semi-pays attention as he ponders how much he hates The...

Yes, we’ve been sitting on this one for a while. But it’s worth it, we promise! We wanted to wait until we had more news to share, so it’s finally time to announce that Craig has left us. We will absolutely miss Craig, but look forward to the next act of Beers with Talos now that 2/5ths of the original crew is gone. We take the time to reminisce with Craig about his time at Talos and talk about this new trend of “bandwidth-sharing” applications. Stay tuned to BWT Ep. #112 where we’ll debut...

This is a very different episode in that it isn’t really a BWT episode at all. Hazel Burton from the Security Stories podcast invited Matt and Mitch to come on with the leader of Talos, Matt Watchinski. The idea was to chat with Hazel and her co-hosts Ben and Sana about burnout from three levels of a security research team. What followed as we all started talking was real and unfiltered conversation from many very different points of view. We talked about what has worked, what hasn’t, and our...

Recorded March 30, 2020 – What better way to discuss supply chain attacks than to have Matt demonstrate how easily you can blend your payload into normal operations via Twitter shenanigans? We’re talking about (surprise!) supply chain attacks and how their rise to prevalence is notable, albeit expected. Supply chain gets linked in with privacy concerns as we round out the ep discussing the Signal/Cellebrite situation. Listen to the episode before you read Matt’s tweet (linkedin the full show...

Recorded March 2020 – ICS and SCADA systems are deeply embedded all around us in critical infrastructure. Today we talk about some of the inherent issues in infrastructure security and take a wide-ranging look at the ICS- and SCADA-specific issues found there. Joe Marshall from the Talos Outreach group joins to share his insights on the space and how donuts are the ultimate career track switching tool. Oh- and Matt’s cat discovers jerky. Full show notes on the Talos blog

We’ve been quiet for a minute, but we have a few new EPs ready to go, starting with some of your questions from Twitter. And yes, one of the first questions concerns Craig and the robots. Do you have a question you’d like to ask us for the next listener questions episode? Send us a tweet (links below). Ask us anything security related or something else entirely. It’s your question, I’m not going to tell you what to ask. Full show notes on the Talos blog

We get a lot of questions in Talos about HOW to get a job in security. This ep takes a look at figuring out IF Security is the right career choice for you - and if so, where? The industry is a big place with so many different skills in demand, so having a good idea of your strengths and weaknesses is a good place to start. One constant is that curiosity, constant learning, and certain base knowledge seems to be correlated with success across most skills in the industry. We wrap it all up...

Recorded January 8, 2020 – It’s hard to believe that we have made 100 episodes of BWT. It easily feels like two or three times that many. This is a long winded show, as we welcome back our buddy Nigel for this special milestone. As an unintentional nod to our early episodes, the opening roundtable gets way off track and we basically host an “In-between” ep in the middle of a regular show. We also dig into supply chain attacks, in light of the recent SolarWinds incident, delving into...