Beers with Talos (BWT) Podcast episode No. 112 is now available. Download this episode and subscribe to Beers with Talos:

If iTunes and Google Play aren't your thing, click here.

We promised it wouldn't be long until we moved into the next phase of Beers with Talos! We are back with a new episode and a new host — meet Liz Waddell from Cisco Talos Incident Response. Liz joins the crew for the first time to discuss the latest drama on "Days of our Ransomware-as-a-Service Groups" and look at why so many actors' playbooks are making it out into the wild.

Please note, we recorded this episode before all the Log4J stuff dropped. For the latest information on that vulnerability, check out the Talos blog post here. We are working on recording an emergency episode of Beers with Talos addressing Log4J and will be releasing that later this week.

The timeline:

  • 00:30 — Finding a replacement for Craig
  • 02:07 — A new host approaches!
  • 4:04 — Roundtable: Are corsets going to be our next swag item?
  • 14:42 — Days of our Ransomware-as-a-Service
  • 25:37 — How ransomware dates back to the days of floppy disks
  • 37:08 — Attackers disguising themselves as Amnesty International
  • 46:43 — Closing thoughts, parting shots: Should we create a BWT Twitch channel?

Conti ransomware playbook translated

Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus


Featuring: Liz Waddell (@vlsin), Joel Esler (@JoelEsler) and Matt Olney (@kpyke).
Hosted by Mitch Neff (@MitchNeff).

Subscribe via iTunes (and leave a review!)

Check out the Talos Threat Research Blog

Subscribe to the Threat Source newsletter

Follow Talos on Twitter and Instagram

Give us your feedback and suggestions for topics: