We mainly spend this episode doing some catching up because it’s been a while since we recorded. But on the actual, helpful, front, we discuss a recently released list of the vulnerabilities that are most often exploited in the wild, according to the U.S. Cybersecurity and Infrastructure Security Agency.
It’s particularly interesting to compare the lists from 2020 and 2021 to see how threat actors have changed up their tactics and parse through all the information to tell you what you need to know. It’s also important to question these types of reports and how helpful they are to defenders.
This is also a great episode for any Snort fans out there who are interested in the old days of writing rules for some Y2K-era malware.
Most of the Beers with Talos folks are refreshed after a summer vacation. But don’t assume that means they actually prepared for this episode. This is more of a free-flowing episode, where we discuss cyber conflict between nations — one of the many things that keep Matt up at night. They go back and forth discussing what a “cyber war” could actually look like, and what crosses the line into conflict versus traditional “hacktivism.”
Summer hacking, happened so fast….
We’ve been trying to enjoy our summer, but supply chain attacks just had to go and ruin the fun. So Mitch got back from fishing and decided to pull the guys together to discuss the Kaseya supply chain attack. We cover this major event BWT-style, and talk phony patches, mitigation strategies, and unsolicited advice for Kaseya’s CISO. For more, you can also watch our recent live stream with Nick Biasini covering everything you need to know about this attack.
Also, if you want more Beers with Talos (and you’re listening to this the day it’s released) join us over on the Cisco Twitter account on Thursday, Aug. 5 for a #TalosTakeover. We can’t believe they’re letting us do this, either.
You’re not going to believe this, but everyone actually agreed on something in this episode. And no, it’s not regarding the best flavor of beef jerky. In this episode, we discuss a new category of threat actors that we’re choosing to call privateers. The guys discuss why this classification is much needed in the security community, the previous research on this topic, and the ways private security firms can partner with public intelligence agencies to protect against this type of threat. You can find complete show notes and links over on the Talos blog.
Recorded May 11, 2020 – Craig wins MVP of the podcast for his attempts to avoid discussing… something. Anyway, we went a little long on this podcast, but stick with us as we wind through the recent Executive Order on cybersecurity, and then discuss another… interesting take on how we should then combat these new threats. I feel almost obligated to let you know before you listen, it’s a letter of marque take, and oddly, we all agreed on something. Full show notes on the Talos blog
This is a very different episode in that it isn’t really a BWT episode at all. Hazel Burton from the Security Stories podcast invited Matt and Mitch to come on with the leader of Talos, Matt Watchinski. The idea was to chat with Hazel and her co-hosts Ben and Sana about burnout from three levels of a security research team. What followed as we all started talking was real and unfiltered conversation from many very different points of view. We talked about what has worked, what hasn’t, and our own struggles with self-care while trying to take care of our respective teams, families, and friends – hopefully some of our collective experience is useful to you.
Original broadcast - Security Stories podcast, ep 27
Recorded March 30, 2021 – What better way to discuss supply chain attacks than to have Matt demonstrate how easily you can blend your payload into normal operations via Twitter shenanigans? We’re talking about (surprise!) supply chain attacks and how their rise to prevalence is notable, albeit expected. Supply chain gets linked in with privacy concerns as we round out the ep discussing the Signal/Cellebrite situation. Listen to the episode before you read Matt’s tweet (linkedin the full show notes) and see if you can pick the words that were part of his little reindeer game. Your prize is the achievement of a job well done. See the full show notes on the Talos blog
Recorded March 2021 – ICS and SCADA systems are deeply embedded all around us in critical infrastructure. Today we talk about some of the inherent issues in infrastructure security and take a wide-ranging look at the ICS- and SCADA-specific issues found there. Joe Marshall from the Talos Outreach group joins to share his insights on the space and how donuts are the ultimate career track switching tool. Oh- and Matt’s cat discovers jerky. Full show notes on the Talos blog
We’ve been quiet for a minute, but we have a few new EPs ready to go, starting with some of your questions from Twitter. And yes, one of the first questions concerns Craig and the robots. Do you have a question you’d like to ask us for the next listener questions episode? Send us a tweet (links below). Ask us anything security related or something else entirely. It’s your question, I’m not going to tell you what to ask. Full show notes on the Talos blog
We get a lot of questions in Talos about HOW to get a job in security. This ep takes a look at figuring out IF Security is the right career choice for you - and if so, where? The industry is a big place with so many different skills in demand, so having a good idea of your strengths and weaknesses is a good place to start. One constant is that curiosity, constant learning, and certain base knowledge seems to be correlated with success across most skills in the industry. We wrap it all up talking about mapping skillsets to transition careers. Full show notes on the Talos blog
Recorded January 8, 2020 – It’s hard to believe that we have made 100 episodes of BWT. It easily feels like two or three times that many. This is a long winded show, as we welcome back our buddy Nigel for this special milestone. As an unintentional nod to our early episodes, the opening roundtable gets way off track and we basically host an “In-between” ep in the middle of a regular show. We also dig into supply chain attacks, in light of the recent SolarWinds incident, delving into defensive and IR strategies. Finally, we take a trip into the past remembering some of our favorite moments from the past 100 times I’ve written these show notes. Full show notes on the Talos blog
This EP was recorded toward the end of the year and lived a quiet, but meaningful life in the production queue patiently waiting it’s turn to get released. In this Ep, we dig into a discussion on passwords and some of the issues both conceptually and in practice. Passwords aren’t inherently problematic, but how they are used…sometimes is. We discuss best practices to share with your friends and also touch on MFA (and SMS as an option of last resort). Craig seems to think lock analogies are key to understanding everything. The session was 2 hours long and this is the balance remaining after decency and standards review.
All of us want to thank you for listening and making three years and (almost)100 episodes of Beers with Talos possible. Cheers. Full show notes on the Talos blog
Recorded early November, 2020 – This is an EP we recorded in early November but got pushed back in the end of year shuffle to make production schedules work. We’re happy to put this one out now with somewhat belated takes on (somewhat recent) health care ransomware attacks. We discuss a few key questions that are rather evergreen. Why is health care targeted in this way (and other verticals for that matter)? What defines a “high value” target to a ransomware actor? How can targeted entities better defend themselves?
Full notes on the Talos blog
Recorded November 24, 2020 – On this EP, Mitch and Matt are joined by Wendy Nather to discuss the newly released Cisco Security Outcomes Study. The results and findings of the research are interesting and somewhat surprising. As often happens with most good research, we end up asking more questions - in this case, geared toward the nature of the relationships found in the data. Special thanks to Wendy for coming on and joining us. As usual, her insight is stellar and she is much more entertaining than the rest of us. Full show notes on the Talos blog
We got delayed with the holidays and PTO, but here is a long awaited ep. The rest of the year is on deck to release through the holidays, so fret not. In this EP we talk about QR codes becoming pervasive as easily deployed “touchless tech” (and how they could help the robots try to kill Craig), and then we take a look at some recent DOJ and APT activity that begs the question: is bringing charges against foreign APT actors anything more than a symbolic gesture? Full show notes on the Talos blog