Beers with Talos (BWT) Podcast episode No. 85 is now available. Download this episode andsubscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here.
By Mitch Neff.Recorded June 5, 2020
Prod. Note: The team decided to hold back on releasing a few episodes for a period of time, acknowledging that there are voices people need to hear more than ours discussing issues vital to equality and justice for so many. This is the last of those delayed eps, please pardon any weeks-old info. Be safe, be kind, and listen to each other. Black lives matter.
This was a difficult show to make in light of the events of the week prior (to the recording date). We were all in a mood along with the rest of the US and the world, and it showed. Since the Roundtable takes were roughly 90 percent extra spicy swearing, we ditch that all together and dig right into vulnerabilities and exploits this episode — starting with a question from Twitter and then looking at the top 10 most exploited vulnerabilities from a recent CISA report (disclosure: Talos participated in the creation of this report). We start to dig into some deeper convos around pen-testing platforms and exploit stability that are sure to be revisited in upcoming episodes.
The timeline:
00:36 — Jumping right in with a Twitter question on better prioritizing CVEs
03:30 — The most routinely exploited vulns - according to CISA
12:30 — Zero-day and why APTs aren’t waiting on offensive security tools
18:30 — Why stability of exploits matters a lot
24:30 —Zoom Vulns:Cloud, server, or client lines gets blurry
28:00 — Closing thoughts and parting shots
