Beers with Talos Podcast
154 episodes - English - Latest episode: 19 days ago - ★★★★★ - 143 ratingsThreats, Beers, and No Silver Bullets. Listen to Talos security experts as they bring their hot takes on current security topics and Talos research to the table. Along the way, Mitch, Matt and a rotating chair of special guests will talk about anything (and we mean anything) that's on their minds, from the latest YouTube trends to Olympic curling etiquette. New episodes every other Thursday.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Stories from the Power Grid
April 11, 2024 08:00 - 39 minutes - 26.9 MBPower grid security expert Joe Marshall joins the crew today to talk all things, well, power grid security. But not before he gets an impromptu pop quiz from Matt in the roundtable. Joe then tells some stories from his days working in electric utility, deploying new systems and his experiences with pentesting teams ("Wow, y'all need to stop!"). Plus, the team ask Joe about the risks with both aging infrastructure versus newer, smarter based infrastructure. And what happens when threat act...
The old people episode
March 21, 2024 12:00 - 48 minutes - 33.6 MBMatt, Mitch and Lurene discuss if the internet is better or worse today than it was 20 years ago. This leads them to discuss their various career paths, with Lurene talking about how she got into vulnerability exploitation and how Matt got into threat intelligence. And why neither of those paths would be recommended today. Lurene and Matt then clash about threat research and and the importance of approaching things from a "how do I be a problem" perspective.
The Reverberations of Volt Typhoon
February 22, 2024 09:00 - 43 minutes - 29.9 MBYou will no doubt have seen the advisories published over the last few weeks concerning Volt Typhoon's malicious activities. In this episode, JJ Cummings joins the crew to discuss the background to this threat actor, their impact on the threat landscape, and the covertly strategic (and specific) nature of their operations. The team also discusses their recommendations for defenders, particularly for critical infrastructure organizations. The CISA statement on Volt Typhoon can be found here ...
The Reddit Security Diaries
February 14, 2024 09:00 - 1 hour - 41.9 MBMatt, Mitch and Lurene sit down to discuss “random stuff from Reddit” (don’t be put off – they’re all genuinely interesting security questions!). Topics range from password managers and how password security guidance has become outdated, how to ‘self-learn’ in cybersecurity, and thoughtful approaches towards security incidents. Before that, the team comes up with a prank to pull on their co-workers and bring some joy and chaos to Webex meetings. And Lurene reflects on what advice she would...
Talos Speed Dating (the episode we never set out to make but did anyway)
December 20, 2023 09:00 - 1 hour - 47.1 MBMitch, Matt and Lurene were almost about to be in the same physical space at the same time to record an episode, and then Lurene couldn't make it...so we made this instead! Mitch is joined by Azim Khodjibaev from the Talos Threat Intelligence and Interdiction team to rapid-fire interview a bunch of Talos employees who happened to be around the Maryland office. Hear from teammates from all walks of life and areas of expertise about what they've loved working on in 2023 and how they feel their...
The TurkeyLurkey Man wants YOU to read the Talos 2023 Year in Review report
December 06, 2023 09:00 - 1 hour - 43.6 MBWe recorded this episode AFTER Thanksgiving, so you'll need to forgive us for the amount of Thanksgiving talk that doesn't actually apply until Thanksgiving 2024. It all evens out in the end because the annual "Ranksgiving" from special guest David Liebenberg results in the creation of TurkeyLurkey Man. Then, TurkeyLurkey Man helps the rest of the gang recap the top malware and attacker trends from 2023. If you'd like to read more, download the full Talos Year in Review report here. We also ...
Chicken Soup and Contact Centers
November 02, 2023 08:00 - 48 minutes - 33.2 MBIt's that time of the quarter again when we sit down to look at what we learned over the past three months. Caitlin Huey from the Talos Threat Interdiction Team joins the show for this special look at the latest Talos Incident Response Quarterly Trends report. Caitlin's team helps compile these reports and digs through mountains of data to find out what defenders can learn from what Talos IR is seeing live in the field. If you want to learn more about this report, you can read it on our blog...
Who is Jacques Wagon?
September 28, 2023 08:00 - 1 hour - 41.8 MBThis episode of Beers with Talos has a very special guest: Our old friend Nigel Houghton. He's one of the OG BWTers and is back with two-plus years' worth of hot takes to get off his chest. Nigel starts out by delivering his long-awaited update on his beloved Mighty Red. But he, Mitch, Matt and Lurene do eventually get to cybersecurity talk, including things like: The challenge of keeping mountains of cybersecurity data and sharing it with partners. The importance of context around that da...
"I'm going to breach you off." "Not if I breach you off first!"
August 24, 2023 08:00 - 56 minutes - 39 MBWe know we're like two weeks late to the Barbie party, but the whole Beers with Talos crew has seen it now so we had to talk about it. Expect a lot of "Barbie" talk up at the top. After that, though, we dive into how to set up deception systems and establish your environment to make it harder for an intruder to get in. The goal here is to make it so that attackers have to waste time and resources trying to get in but ultimately come away empty-handed. We talk about why this is important for ...
Rachel Tobac on social engineering, expanding opportunities for women in cybersecurity
August 03, 2023 08:00 - 50 minutes - 35 MBIn this special episode, Matt is flying solo while he interviews Rachel Tobac, the CEO of SocialProof Security. Rachel's company helps individuals and companies keep their data safe by offering various training and penetration testing opportunities, all related to social engineering attacks and risks. Ahead of BlackHat and DEFCON, Matt wanted to talk to Rachel because they first met at DEFCON a few years ago, where she was a second-place finisher in the Social Engineering Capture the Flag co...
Yarrr! There be mercenaries on the high seas!
August 01, 2023 08:00 - 43 minutes - 30.2 MBThe Beers with Talos Crew is back to a team of four this week, with special guest Nick Biasini joining the show to talk about Mercenary Groups and the spyware they're creating. This episode, we talk about the current spyware landscape, and how it encompasses "mercenary" groups like the NSO Group and Intellexa, and state-sponsored actors looking to track high-profile targets. Nick's team recently published multiple pieces about this topic and they are actively researching spyware. If listener...
Oh hello, "Susan"
May 25, 2023 08:00 - 55 minutes - 38.2 MBMitch was out for this recording, so Hazel Burton, the newest addition to Team Talos, stepped in to host this episode! She, Lurene and Matt got together for Mental Health Awareness Month and share stories and advice with one another. Cybersecurity is a notoriously rough field for burnout and an imbalance between work and life, so they share some tips they use to decompress after a long day and how they ignore their inner critics.
The XDR Files
May 18, 2023 08:00 - 31 minutes - 22 MBOur second of two episodes recorded live at the RSA Conference, Mitch and Lurene are joined by Nick Biasini from Talos Outreach and AJ Shipley, a vice president of product management for Cisco Secure. The four of them recap Nick and AJ's talk they gave at RSA and discuss the centralization of cybersecurity. AJ shares some important insights about the product side of cybersecurity, and how everyone in the space needs to be better focused on stopping the bad guys versus competing against one a...
SHIFT_NOP
May 11, 2023 08:00 - 37 minutes - 25.9 MBThis is the first of two episodes we have coming out that we recorded live at the RSA Conference. In this edition of Beers with Talos, we welcome Mick Baccio, a security strategist for Splunk, to talk about all things RSA. At this point in the week, we had hit the halfway point of RSA and were pretty tired already, so bear with us — don't expect any hardcore security takes here. That being said, we do gather 'round to share stories, and reflect on RSA and the security community as a whole. T...
The one where they talk a lot about wireless routers
April 24, 2023 14:00 - 54 minutes - 37.6 MBThis episode discusses network resilience, hardware hygiene, and the recently disclosed Jaguar Tooth campaign. J.J. joins the show and the usual cast to discuss the recent attacks against out-of-date and unpatched wireless routers from sophisticated, state-sponsored actors. J.J., Matt and Lurene detail the research around these campaigns and advice for anyone to improve their network hygiene. If you'd like to talk to the BWT crew more about this topic, they'll be at RSA this week with two li...
Should we even care about vulnerability severity scores?
March 16, 2023 08:00 - 43 minutes - 29.6 MBEveryone fears the dreaded 10-out-of-10 CVSS severity score on a vulnerability with "critical" written somewhere on the advisory. But does that number even matter to an attacker or hypothetical defender? Matt, Mitch and Lurene discuss the various ways the security community classifies vulnerabilities and how potential targets can use that information to their advantage. They discuss patching strategies, potential security holes that attackers look for and real-world cases of vulnerabilities ...
Beers with Talos Ep. #130: Ransomware is a people problem (but getting rid of email helps)
February 17, 2023 09:00 - 47 minutes - 32.7 MB(Recorded Jan. 27, 2023) No Matt this episode, so we have two guests in the rotating chair(s): Nick Biasini and David Liebenberg. Lurene, Mitch and our two esteemed companions talk about the human problem of ransomware. Lurene says getting rid of email altogether is the best option — but since that doesn't seem likely anytime soon, what are some other options for enterprises and companies to avoid being hit with the latest phishing scam? Other suggested talking points: Wawa vs. Sheetz W...
Talos Year in Review 2022 w/ Dave Liebenberg
December 14, 2022 12:00 - 57 minutes - 39.7 MBWith this episode, we set out to discuss the first annual Cisco Talos Year in Review report - a look back at the major threats, trends, and topics from 2022 and what we should take forward into 2023. Our guest Dave Liebenberg runs the team behind this report and joins us to discuss *why* his team undertook this effort, and some of the finer points of the report findings. The Year in Review is broken down into four major parts, and Talos will be releasing "topic focus reports" to zoom in o...
I find your vulnerabilities offensive (and exploitable).
November 29, 2022 19:00 - 1 hour - 41.5 MBWe are (finally) talking about the recent OpenSSL vulnerability as we had to redo this EP. In our infinite podcasting wisdom, we took a stab at it roughly 2 hours before the embargo expired and coverage was released - which is obviously is a very silly idea in hindsight. After we cover the current issue at hand, Lurene leads us through the surface levels of how vulns can be exploited in the heap or stack, and the different perspective and processes in practice by offensive security experts...
Im a skiddie, and you can too!
October 26, 2022 18:00 - 40 minutes - 27.8 MBMitch was trying to preserve his voice, so Matt is driving the bus during this episode — hang on! In this edition, we're talking about script kiddies (unfortunately, not "kitties.") These are basically adversaries with an extreme base level of computer knowledge who use basic scripts to carry out cyber attacks. How can we avoid these attacks, even if they'll look like benign activity in your environment?
The intricacies of cyber conflict in Ukraine
September 22, 2022 19:00 - 58 minutes - 40.2 MBAt the onset of Russia's invasion of Ukraine, many experts and government officials expected there to be two fronts of the war — one on the ground in Ukraine and one in cyberspace. But all things considered, we haven't seen as much offensive cyber warfare come from either side of this conflict this year. J.J. Cummings from Talos Threat Intelligence and Interdiction joins the show again to share his experience from working hands-on with networks in Ukraine. He, Lurene, Mitch and Matt discuss ...
A(nother) new host approaches!
August 31, 2022 17:00 - 1 hour - 41.5 MBWe're excited to add to the growing Beers with Talos family with the addition of Lurene Grenier to the squad. Lurene joins her first episode and hits the ground running talking about her current role within Talos. She, Mitch and Matt talk about the major differences between exploit development and vulnerability discovery, and how Lurene started her career in exploit development. While exploit development might sound like the stereotypical thing a "basement hacker" does, it's actually very im...
A(nother) new host approaches!
August 31, 2022 17:00 - 1 hour - 41.5 MBWe're excited to add to the growing Beers with Talos family with the addition of Lurene Grenier to the squad. Lurene joins her first episode and hits the ground running talking about her current role within Talos. She, Mitch and Matt talk about the major differences between exploit development and vulnerability discovery, and how Lurene started her career in exploit development. While exploit development might sound like the stereotypical thing a "basement hacker" does, it's actually very im...
Beers with Talos Ep. #117: Talos' Big Game commercial about a month too late
August 12, 2022 17:00 - 43 minutes - 29.7 MBWe’re dropping two episodes today. This is undoubtedly the less serious of the two, as it was recorded prior to the invasion of Ukraine. Check out Ep. #118 for more on that situation. In this episode, though, we got to talk about Talos’ involvement at the Super Bowl. Mitch welcomes on Brett Ellis, who was at SoFi Stadium in Los Angeles to help defend “The Big Game,” of Talos Incident Response to discuss his experience. He, JJ and Liz talk about what goes into securing these major global even...
Beers with Talos Ep. #109: We have not secured our society — Or, working out a conference talk in realtime
August 12, 2022 17:00 - 53 minutes - 37.1 MBMost of the Beers with Talos folks are refreshed after a summer vacation. But don’t assume that means they actually prepared for this episode. This is more of a free-flowing episode, where we discuss cyber conflict between nations — one of the many things that keep Matt up at night. They go back and forth discussing what a “cyber war” could actually look like, and what crosses the line into conflict versus traditional “hacktivism.”
Beers with Talos Ep. #107: Sailing the high seas in search of privateer groups
August 12, 2022 17:00 - 39 minutes - 27.2 MBYou’re not going to believe this, but everyone actually agreed on something in this episode. And no, it’s not regarding the best flavor of beef jerky. In this episode, we discuss a new category of threat actors that we’re choosing to call privateers. The guys discuss why this classification is much needed in the security community, the previous research on this topic, and the ways private security firms can partner with public intelligence agencies to protect against this type of threat. You...
Beers with Talos, Ep. #115: Everybody's measured by quarters — even threat actors
August 12, 2022 17:00 - 1 hour - 44.9 MBWe wanted to start off the new year by reflecting on 2021 with Talos Incident Response. The one thing many cyber attacks had in common? People. There are issues that arise any time humans are involved, whether it’s being tempted by a phish or someone making simple human errors. So, Matt, Mitch and Liz discuss how logs are crucial during the worst-case scenario and look at how to remove human error as much as possible from the equation. Outside of initial infection vectors, there are plenty...
Beers with Talos Ep. #114: And then there were two...
August 12, 2022 17:00 - 54 minutes - 37.7 MB(Uploaded again, this time with the correct music!) The OG Beers with Talos folks are dropping like flies, because now we also have to say goodbye to Joel! We know this has been quite the roller coaster for listeners, but we appreciate you all sticking with us through all these changes. We take some time in Joel’s farewell to discuss “Rent,” as only BWT could, and burnout in cybersecurity.
Beers with Talos Ep. #113: Emergency Log4j live show
August 12, 2022 17:00 - 59 minutes - 41 MBLog4j was a big enough deal that we finally decided to host a live show. Mitch, Matt, Liz and special guest JJ Cummings from our Threat Intel team got together to update everyone on where things stand with this critical vulnerabilities. It’s not all doom and gloom though, Matt at least brought some memes!
Is More than Executive Action in Order?
August 12, 2022 17:00 - 50 minutes - 34.5 MBRecorded May 11, 2020 – Craig wins MVP of the podcast for his attempts to avoid discussing… something. Anyway, we went a little long on this podcast, but stick with us as we wind through the recent Executive Order on cybersecurity, and then discuss another… interesting take on how we should then combat these new threats. I feel almost obligated to let you know before you listen, it’s a letter of marque take, and oddly, we all agreed on something.Full show notes on the Talos blog
Beers with Talos Ep. #112: A new host approaches!
August 12, 2022 17:00 - 56 minutes - 39.1 MBThis is our first episode sans-Craig, but we didn’t wait long to find his replacement! Tune in as we add a new host to the crew. Then, we talk about drama on the ransomware landscape among as-a-service groups. Please note, we recorded this episode before everything dropped on Log4J. We are recording an emergency episode as we speak on this and will be releasing it later this week.
Beers with Talos Ep. #122: LIVE and in living color from RSA
August 12, 2022 17:00 - 40 minutes - 28.1 MBWe recorded this special episode live and actually in person last week at the RSA Conference, and we have a special treat for the listeners. The ever-elusive Matt Watchinski, Talos’ fearless leader, joins the show. We mainly spend some time talking about Talos’ work defending Ukraine during the invasion of Russia. Tomorrow, be on the lookout for a more laid-back podcast in the Security Stories feed, because the BWT crew stuck around to record a special episode with them, too.
Beers with Talos Ep. #111: Saying farewell to Craig and his killer robots
August 12, 2022 17:00 - 47 minutes - 32.4 MB[Re-uploaded to fix an audio gap.] Yes, we’ve been sitting on this one for a while. But it’s worth it, we promise! We wanted to wait until we had more news to share, so it’s finally time to announce that Craig has left us. We will absolutely miss Craig, but look forward to the next act of Beers with Talos now that 2/5ths of the original crew is gone. We take the time to reminisce with Craig about his time at Talos and talk about this new trend of “bandwidth-sharing” applications. Stay tuned ...
Beers with Talos, Ep. #110: The 10 most-exploited vulnerabilities this year (You won't believe No. 6!)
August 12, 2022 17:00 - 54 minutes - 37.5 MBWe mainly spend this episode doing some catching up because it’s been a while since we recorded. But on the actual, helpful, front, we discuss a recently released list of the vulnerabilities that are most often exploited in the wild, according to the U.S. Cybersecurity and Infrastructure Security Agency. It’s particularly interesting to compare the lists from 2020 and 2021 to see how threat actors have changed up their tactics and parse through all the information to tell you what you need ...
Beers with Talos Ep. #120: How attackers are finding new ways to bypass MFA
August 12, 2022 17:00 - 47 minutes - 33 MBOur rotation of special guests continues on with Nate Pors from Talos Incident Response. Nate has been following several different attacks in which attackers bypassed multi-factor authentication with “prompt bombing” and other techniques. The crew discusses what the security community can do to make MFA safer and how to improve user education about using the technology. Plus, Matt gets an opportunity to eat some humble pie regarding the FBI and the removal of wireless router malware, so that...
Beers with Talos Ep. #119: If it walks like a BlackCat, meows like a BlackCat...
August 12, 2022 17:00 - 33 minutes - 22.8 MBWe’re all still pretty exhausted from our work in Ukraine. But that hasn’t slowed down any of the threat actors, unfortunately. So we enlisted special guest Nick Biasini to dive into the BlackCat ransomware group to discuss how it potentially is or isn’t connected to BlackMatter/DarkSide. These ransomware-as-a-service groups surprisingly run like regular companies, and even have the same problems with employee retention! Plus, Matt and Liz provide updates on their work in helping to defend U...
Beers with Talos Ep. #118: Reacting to the current situation in Ukraine
August 12, 2022 17:00 - 41 minutes - 28.3 MBThis was admittedly a tough one to record. In the middle of us trying to respond to the situation in Ukraine, we felt it was important to let our listeners in a bit. Matt, JJ and Liz discuss the work they and their teams are doing in Ukraine to protect critical systems there and keep users online. We also talk about the human side of things, and why it’s important for folks in cybersecurity to think about self care during this time. If you want to stay up to date on Talos’ work in Ukraine a...
Kaseya it ain't so
August 12, 2022 17:00 - 52 minutes - 36.2 MBSummer hacking, happened so fast…. We’ve been trying to enjoy our summer, but supply chain attacks just had to go and ruin the fun. So Mitch got back from fishing and decided to pull the guys together to discuss the Kaseya supply chain attack. We cover this major event BWT-style, and talk phony patches, mitigation strategies, and unsolicited advice for Kaseya’s CISO. For more, you can also watch our recent live stream with Nick Biasini covering everything you need to know about this attack. ...
Beers with Talos Ep. #116: Let's talk about the Olympics (but not in the way you were expecting)
August 12, 2022 16:00 - 45 minutes - 31.2 MBMost people would expect us to approach the Winter Olympics from a security perspective. Why are athletes using burner phones? Are we worried about any state-sponsored attacks? Not this year, folks! Instead, we rank each country’s curling uniforms, discuss the origins of ski jumping and debate which events would be the most difficult to compete in. On the actual cybersecurity front, we did carve out some time to discuss two state-sponsored threat actors Talos has written about recently: Ari...
Beers with Talos Ep. #124: There's no such thing as "I have nothing to hide"
August 12, 2022 16:00 - 38 minutes - 26.6 MBWe’ve all heard that popular refrain by now: “Well I have nothing to hide so I don’t care if the government sees my data.” This week, we tell these people they are completely wrong. Ashlee Benge joins the show to discuss her upcoming BlackHat talk on the types of data and personal information health apps track. This has taken on special importance in the overturning of Roe vs. Wade in the U.S, making many forms of abortion illegal in many states. Ashlee talks about how women’s health apps ma...
Beers with Talos Ep. #123 (FIXED!): Hunting for ransomware actors on *whispers* the dark web
August 12, 2022 16:00 - 35 minutes - 24.5 MBRe-uploaded on July 22, 2022 to fix audio issues — We’re back from RSA, Cisco Live and COVID breaks (yes, those things are all absolutely related). Paul Eubanks joins the show to talk about his recent blog post on unmasking ransomware actors on the dark web. He’ll go over several different tactics he and his team use to remove actors’ anonymity that’s so important when actors are working on these websites. Liz provides her take on this from an Incident Response perspective, and Matt semi-pa...
Beers with Talos Ep. #121: The ghost of conferences past
August 12, 2022 16:00 - 29 minutes - 20.1 MBWe wanted to prep for the RSA/Cisco Live stretch of June by looking back on security conferences past. Mitch, Matt and Liz got together to talk about their best and worst conference memories. Plus, Mitch has an overview of everything Talos is doing at RSA and Cisco Live, including a LIVE episode of Beers with Talos next week at RSA. There is a little security talk at least, as we also cover the latest goings on between the Conti ransomware group and Costa Rica’s government.
Beers with Talos Ep. #123: Hunting for ransomware actors on *whispers* the dark web
July 15, 2022 13:16 - 35 minutes - 48.4 MBWe’re back from RSA, Cisco Live and COVID breaks (yes, those things are all absolutely related). Paul Eubanks joins the show to talk about his recent blog post on unmasking ransomware actors on the dark web. He’ll go over several different tactics he and his team use to remove actors’ anonymity that’s so important when actors are working on these websites. Liz provides her take on this from an Incident Response perspective, and Matt semi-pays attention as he ponders how much he hates The Car...
[CROSS-BROADCAST]Security Stories Ep. 27: Dealing with stress, burnout and mental health in the threat intelligence industry
May 24, 2021 19:59 - 58 minutes - 40.4 MBThis is a very different episode in that it isn’t really a BWT episode at all. Hazel Burton from the Security Stories podcast invited Matt and Mitch to come on with the leader of Talos, Matt Watchinski. The idea was to chat with Hazel and her co-hosts Ben and Sana about burnout from three levels of a security research team. What followed as we all started talking was real and unfiltered conversation from many very different points of view. We talked about what has worked, what hasn’t, and ou...
Supply Chain has Matt Hopping Mad Like a Kangaroo
May 18, 2021 14:25 - 43 minutes - 30.1 MBRecorded March 30, 2021 – What better way to discuss supply chain attacks than to have Matt demonstrate how easily you can blend your payload into normal operations via Twitter shenanigans? We’re talking about (surprise!) supply chain attacks and how their rise to prevalence is notable, albeit expected. Supply chain gets linked in with privacy concerns as we round out the ep discussing the Signal/Cellebrite situation. Listen to the episode before you read Matt’s tweet (linkedin the full show...
ICS/SCADA Security - The Permanence and People Problems
April 21, 2021 19:30 - 42 minutes - 29.2 MBRecorded March 2021 – ICS and SCADA systems are deeply embedded all around us in critical infrastructure. Today we talk about some of the inherent issues in infrastructure security and take a wide-ranging look at the ICS- and SCADA-specific issues found there. Joe Marshall from the Talos Outreach group joins to share his insights on the space and how donuts are the ultimate career track switching tool. Oh- and Matt’s cat discovers jerky.Full show notes on the Talos blog
Twitter has Questions for Us
April 07, 2021 19:53 - 32 minutes - 22.7 MBWe’ve been quiet for a minute, but we have a few new EPs ready to go, starting with some of your questions from Twitter. And yes, one of the first questions concerns Craig and the robots. Do you have a question you’d like to ask us for the next listener questions episode? Send us a tweet (links below). Ask us anything security related or something else entirely. It’s your question, I’m not going to tell you what to ask. Full show notes on the Talos blog
Is Security the Career You Really Want?
February 24, 2021 20:46 - 39 minutes - 45.8 MBWe get a lot of questions in Talos about HOW to get a job in security. This ep takes a look at figuring out IF Security is the right career choice for you - and if so, where? The industry is a big place with so many different skills in demand, so having a good idea of your strengths and weaknesses is a good place to start. One constant is that curiosity, constant learning, and certain base knowledge seems to be correlated with success across most skills in the industry. We wrap it all up ta...
The Super Sized Centennial EP
February 09, 2021 16:08 - 1 hour - 52 MBRecorded January 8, 2020 – It’s hard to believe that we have made 100 episodes of BWT. It easily feels like two or three times that many. This is a long winded show, as we welcome back our buddy Nigel for this special milestone. As an unintentional nod to our early episodes, the opening roundtable gets way off track and we basically host an “In-between” ep in the middle of a regular show. We also dig into supply chain attacks, in light of the recent SolarWinds incident, delving into defensi...
P@ssw0rds and Closing Out 2020
January 15, 2021 21:55 - 28 minutes - 19.9 MBThis EP was recorded toward the end of the year and lived a quiet, but meaningful life in the production queue patiently waiting it’s turn to get released. In this Ep, we dig into a discussion on passwords and some of the issues both conceptually and in practice. Passwords aren’t inherently problematic, but how they are used…sometimes is. We discuss best practices to share with your friends and also touch on MFA (and SMS as an option of last resort). Craig seems to think lock analogies are k...