Joe, Hazel, Bill and Dave break down Talos' Year in Review 2024 and discuss how and why cybercriminals have been leaning so heavily on attacks that are routed in stealth in simplicity. The team also provide insights into some of the topics of the report, including the top-targeted vulnerabilities of the year, network-based attacks, adversary toolsets, identity attacks, multi-factor authentication (MFA) abuse, ransomware and AI-based attacks.

For the full report, head to blog.talosintelligence.com/2024yearinreview

Bill springs a surprise topic on the team in this episode - how did you get into cybersecurity, and what skills have you brought with you throughout your career? What ensues is a rather lovely, vulnerable conversation that we hope will be helpful for anyone currently thinking about their next career move.

Before that Dave has some surprising facts about Tasmanian devils, what they didn't cover (or deliberately hid?) in Looney Tunes, and why the scientific name for Tasmanian devils is a hotly debated topic.

Some resources for getting into cybersecurity:

Threat intelligence 101 with Cisco Talos

Diversity in cybersecurity: A mosaic of career opportunities

How to hire the best (an earlier episode of BWT that Bill references)

More hijinks and silliness ensue in the second episode of the BWT B Team podcast. Joe shares his frustration with being involuntarily removed from a social media platform, Hazel conducts a live experiment, Dave talks about his newfound addiction to crossword puzzles and its parallels to cybersecurity, and Bill recommends the game "Nine Lives" and shares his top books of the year.

Joe also briefly chats about his work customizing a tabletop cybersecurity game for humanitarian organizations. And we do a shoutout to Talos’ research on vulnerable Windows drivers and proxy chain abuse.

Find the latest research at https://blog.talosintelligence.com

With Mitch, Matt and Lurene currently stuck in the void, the Beers with Talos B team duly elect themselves to reopen the sacred BWT airwaves with their own brand of nonsense.

Hazel, Joe, Bill and Dave each share the security rabbit hole they went down this week - from analyst in-jokes about AI, oligarchs and bad actors refusing to learn good op sec, the songs you'd play to send a message mid-hack, and the long awaited return of Turkey Lurkey Man, TM. Dave's insane creation is back with an exciting new take on Thanksgiving.

For all the latest and greatest Talos research not featuring six degrees of Ally McBeal, head to https://blog.talosintelligence.com

Power grid security expert Joe Marshall joins the crew today to talk all things, well, power grid security. But not before he gets an impromptu pop quiz from Matt in the roundtable.

Joe then tells some stories from his days working in electric utility, deploying new systems and his experiences with pentesting teams ("Wow, y'all need to stop!"). Plus, the team ask Joe about the risks with both aging infrastructure versus newer, smarter based infrastructure. And what happens when threat actors target critical infrastructure?

Matt, Mitch and Lurene discuss if the internet is better or worse today than it was 20 years ago. This leads them to discuss their various career paths, with Lurene talking about how she got into vulnerability exploitation and how Matt got into threat intelligence. And why neither of those paths would be recommended today. Lurene and Matt then clash about threat research and and the importance of approaching things from a "how do I be a problem" perspective.

You will no doubt have seen the advisories published over the last few weeks concerning Volt Typhoon's malicious activities. In this episode, JJ Cummings joins the crew to discuss the background to this threat actor, their impact on the threat landscape, and the covertly strategic (and specific) nature of their operations. The team also discusses their recommendations for defenders, particularly for critical infrastructure organizations.

The CISA statement on Volt Typhoon can be found here https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-038a