Listen to Talos security experts as they bring their hot takes on current security topics and Talos research to the table. Along the way Hazel, Mitch, Matt and a rotating chair of special guests will talk about anything (and we mean anything) that's on their minds, from the latest YouTube trends to Olympic curling etiquette. New episodes every other Thursday.
AI is accelerating vulnerability discovery, so what impact is that having on defenders?
In this episode of Beers with Talos, Hazel, Bill, Joe, and Dave are joined by Nick Biasini to unpack what attackers are doing with AI-assisted vulnerability discovery, why local models rather than frontier models may be a more attractive route for them, and the vendors who are now drowning in a flood of bug reports (many of them junk) as AI sifts through decades of technical debt with nothing but time and patience.
We also kick things off with a listener question about threat trends and the FIFA World Cup, which leads to a discussion about whether any of us could resist Rickrolling the entire planet.
Also in this episode: Joe attempts to "Make Hazel a Hacker" and phish the Pope. Plus, we launch a new segment called "Reasons not to Quit" in which we celebrate defender wins.
Every week, our host brings on a new guest from Talos or the broader Cisco Security world to break down a complicated security topic in just five or 10 minutes. We cover everything from breaking news to attacker trends and emerging threats.
While the Component Object Model (COM) is a fundamental Windows technology that allows software to communicate and function, it's also a powerful tool for threat actors looking to move laterally, maintain persistence, and evade traditional security measures.
Joining us is Vanja Svajcer, who shares his expertise on how to cut through the noise and identify malicious signals within COM-based binaries. Whether you are a seasoned researcher or just starting your journey into reverse engineering and malware analysis, here's some practical advice on how to start hunting for COM-based threats and making your next investigation a little more effective.
Vanja's blog: https://blog.talosintelligence.com/introduction-to-com-usage-by-windows-threats