Thursday, July 2, 2020

Beers with Talos Ep. #86: It’s just an exploit popularity contest...


Beers with Talos (BWT) Podcast episode No. 86 is now available. Download this episode and
subscribe to Beers with Talos:
If iTunes and Google Play aren't your thing, click here.

By Mitch Neff.

Recorded June 5, 2020


Prod. Note: The team decided to hold back on releasing a few episodes for a period of time, acknowledging that there are voices people need to hear more than ours discussing issues vital to equality and justice for so many.  This is the last of those delayed eps, please pardon any weeks-old info. Be safe, be kind, and listen to each other. Black lives matter. 

This was a difficult show to make in light of the events of the week prior (to the recording date). We were all in a mood along with the rest of the US and the world, and it showed. Since the Roundtable takes were roughly 90 percent extra spicy swearing, we ditch that all together and dig right into vulnerabilities and exploits this episode — starting with a question from Twitter and then looking at the top 10 most exploited vulnerabilities from a recent CISA report (disclosure: Talos participated in the creation of this report). We start to dig into some deeper convos around pen-testing platforms and exploit stability that are sure to be revisited in upcoming episodes.

 The timeline:

  • 00:36 — Jumping right in with a Twitter question on better prioritizing CVEs
  • 03:30 — The most routinely exploited vulns - according to CISA 
  • 12:30 — Zero-day and why APTs aren’t waiting on offensive security tools
  • 18:30 — Why stability of exploits matters a lot
  • 24:30 —Zoom Vulns:Cloud, server, or client lines gets blurry
  • 28:00 — Closing thoughts and parting shots

The Links:

    ==========

    Featuring: Craig Williams (@Security_Craig), Joel Esler (@JoelEsler), Matt Olney (@kpyke) and Nigel Houghton (@EnglishLFC).
    Hosted by Mitch Neff (@MitchNeff).

    Subscribe via iTunes (and leave a review!)


    Subscribe to the Threat Source newsletter


    Give us your feedback and suggestions for topics: beerswithtalos@cisco.com

    No comments:

    Post a Comment