Avatar

Talos Group

Talos Security Intelligence & Research Group

The Talos Security Intelligence and Research Group (Talos) is made up of leading threat researchers supported by sophisticated systems to create threat intelligence for Cisco products that detects, analyzes and protects against both known and emerging threats. Talos maintains the official rule sets of Snort.org, ClamAV, SenderBase.org and SpamCop. This blog profile is managed by multiple authors with expertise that spans software development, reverse engineering, vulnerability triage, malware investigation and intelligence gathering.

Talos is the primary team that contributes threat information to the Cisco Collective Security Intelligence (CSI) ecosystem. Cisco CSI is shared across multiple security solutions and provides industry-leading security protections and efficacy. In addition to threat researchers, CSI is driven by intelligence infrastructure, product and service telemetry, public and private feeds and the open source community.

Articles

December 13, 2019

THREAT RESEARCH

Threat Roundup for December 6 to December 13

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Dec 6 and Dec 13. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

December 11, 2019

THREAT RESEARCH

Talos Vulnerability Discovery Year in Review – 2019

Introduction Cisco Talos’ Systems Security Research Team investigates software, operating system, IOT and ICS vulnerabilities in order to discover them before malicious threat actors do. We provide this information to the affected vendors so that they can create patches and protect their customers as soon as possible. We strive to improve the security of our […]

December 6, 2019

THREAT RESEARCH

Threat Roundup for November 29 to December 6

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Nov 29 and Dec 6. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

November 22, 2019

THREAT RESEARCH

Threat Roundup for November 15 to November 22

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Nov 15 and Nov 22. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

November 15, 2019

THREAT RESEARCH

New research: Are you really ready for today’s security threats?

Your business invests in all the latest security technologies. You run training. You meet your compliance requirements for scans and tests. You can stand up in front of the board and say with confidence “we’ve got this covered.” But are you as prepared as you think? New research from ESG sheds new light on threat […]

November 14, 2019

THREAT RESEARCH

Custom dropper hide and seek

Most users assume they are safe when surfing the web on a daily basis. But information-stealing malware can operate in the background of infected systems, looking to steal users’ passwords, track their habits online and hijack personal information. Cisco Talos has monitored adversaries which are behind a wave of ongoing campaigns dropping well-known information-stealer like […]

November 13, 2019

THREAT RESEARCH

Hunting For LolBins

Attackers’ trends tend to come and go. But one popular technique we’re seeing at this time is the use of living-off-the-land binaries — or “LoLBins”. LoLBins are used by different actors combined with fileless malware and legitimate cloud services to improve chances of staying undetected within an organisation, usually during post-exploitation attack phases. Living-off-the-land tactics […]

November 8, 2019

THREAT RESEARCH

Threat Roundup for November 1 to November 8

Talos is publishing a glimpse into the most prevalent threats we've observed between Nov 1 and Nov8.

November 5, 2019

THREAT RESEARCH

How Adversaries Use Politics for Compromise

Cisco Talos recently discovered several malware distribution campaigns where the adversaries were utilizing the names and likenesses of several prominent political figures.