Podcasts

Beers with Talos

Threats, Beers, and No Silver Bullets

Listen to Talos security experts as they bring their hot takes on current security topics and Talos research to the table. Along the way Hazel, Mitch, Matt and a rotating chair of special guests will talk about anything (and we mean anything) that's on their minds, from the latest YouTube trends to Olympic curling etiquette. New episodes every other Thursday.


Space Pirates, Living Off Trusted Services, & Bill Declares Food War

In this episode of Beers with Talos, Hazel, Bill, Dave and Joe are joined by Talos Security Research Engineer James Nutland to discuss Living Off Trusted Services (LOTS) - a growing technique where attackers use platforms such as GitHub, Google Drive, Microsoft services and Telegram for command and control, malware delivery and data exfiltration.

We explore why this trend is growing, how it differs from Living Off the Land (LOTL)....and Lord of the Rings (LOTR)....why trusted services create new detection challenges, and what defenders should be monitoring.

Also in this episode:

  • Data centers in space, when physics still has to physics.
  • A USA vs UK Independence Day food showdown.
  • Hazel faces another round of Make Hazel a Hacker.
  • A new Reason Not to Quit looks at the latest successes from Operation Endgame.
  • Bill gets his own corner.

Here's the LOTS project repository mentioned in the episode https://lots-project.com/

Talos Takes

Talos’ spin on security news

Every week, our host brings on a new guest from Talos or the broader Cisco Security world to break down a complicated security topic in just five or 10 minutes. We cover everything from breaking news to attacker trends and emerging threats.


From evasion to detection: A guide to analyzing COM-based threats

While the Component Object Model (COM) is a fundamental Windows technology that allows software to communicate and function, it's also a powerful tool for threat actors looking to move laterally, maintain persistence, and evade traditional security measures.

Joining us is Vanya Svajcer, who shares his expertise on how to cut through the noise and identify malicious signals within COM-based binaries. Whether you are a seasoned researcher or just starting your journey into reverse engineering and malware analysis, here's some practical advice on how to start hunting for COM-based threats and making your next investigation a little more effective.

Vanja's blog: https://blog.talosintelligence.com/introduction-to-com-usage-by-windows-threats