Andrew Tsonchev



Andrew is a researcher with the TALOS Outreach team. He is based in London, UK. In this role he is responsible for identifying threats facing Cisco's customers, researching these threats, and communicating the findings externally.

Andrew's background is originally in physics, and he has a BA from Oxford University. After completing his undergraduate degree in physics, he decided to focus on the intersection of physics and philosophy, and completed a philosophy degree at King's College London. After leaving university, he changed direction and decided to pursue a career in cyber security.


June 5, 2014


RIG Exploit Kit Strikes Oil

8 min read

This post was co-authored by Levi Gundert with contributions from Emmanuel Tacheau and Joel Esler. In the last month we have observed high levels of traffic consistent with the new “RIG” exploit kit (EK), as identified by Kahu Security. This new EK reportedly began being advertised on criminal forums in April, which coincides with when […]

November 6, 2013


New Fake UPS Malware Email Campaign

1 min read

We have detected evidence of a malware distribution campaign using messages masquerading as UPS delivery notification emails. These campaigns attempt to deceive the targets into thinking they are receiving mail from a trusted sender in order to dupe the recipient into installing malware, possibly for financial gain. Once the initial attack vector is installed, further […]