By Mitch Neff.
Recorded June 5, 2020
Prod. Note: The team decided to hold back on releasing a few episodes for a period of time, acknowledging that there are voices people need to hear more than ours discussing issues vital to equality and justice for so many. This is the last of those delayed eps; please pardon any weeks-old info. Be safe, be kind, and listen to each other. Black lives matter.
This was a difficult show to make in light of the events of the week prior (to the recording date). We were all in a mood along with the rest of the US and the world, and it showed. Since the Roundtable takes were roughly 90 percent extra spicy swearing, we ditch that altogether and dig right into vulnerabilities and exploits this episode — starting with a question from Twitter and then looking at the top 10 most exploited vulnerabilities from a recent CISA report (disclosure: Talos participated in the creation of this report). We start to dig into some deeper convos around pen-testing platforms and exploit stability that are sure to be revisited in upcoming episodes.
The timeline:
- 00:36 — Jumping right in with a Twitter question on better prioritizing CVEs
- 03:30 — The most routinely exploited vulns - according to CISA
- 12:30 — Zero-day and why APTs aren’t waiting on offensive security tools
- 18:30 — Why stability of exploits matters a lot
- 24:30 — Zoom vulns: cloud, server, or client lines get blurry
- 28:00 — Closing thoughts and parting shots
The Links:
Subscribe via iTunes (and leave a review!)
Check out the Talos Threat Research Blog
Subscribe to the Threat Source newsletter
Follow Talos on Twitter
Give us your feedback and suggestions for topics: beerswithtalos@cisco.com