Talos Group

Talos Security Intelligence & Research Group

The Talos Security Intelligence and Research Group (Talos) is made up of leading threat researchers supported by sophisticated systems to create threat intelligence for Cisco products that detects, analyzes and protects against both known and emerging threats. Talos maintains the official rule sets of Snort.org, ClamAV, SenderBase.org and SpamCop. This blog profile is managed by multiple authors with expertise that spans software development, reverse engineering, vulnerability triage, malware investigation and intelligence gathering.

Talos is the primary team that contributes threat information to the Cisco Collective Security Intelligence (CSI) ecosystem. Cisco CSI is shared across multiple security solutions and provides industry-leading security protections and efficacy. In addition to threat researchers, CSI is driven by intelligence infrastructure, product and service telemetry, public and private feeds and the open source community.

Articles

October 30, 2019

THREAT RESEARCH

The commoditization of mobile espionage software

Mobile stalkerware has all sorts of wide-ranging consequences. The creators of these types of apps can track users' locations, see their social media usage and more. And they certainly open...

October 25, 2019

THREAT RESEARCH

Threat Roundup for October 18 to October 25

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct 18 and Oct 25. As...

October 21, 2019

THREAT RESEARCH

Gustuff return, new features for victims

The Gustuff banking trojan is back with new features, months after it first appeared targeting financial institutions in Australia. Cisco Talos first reported on Gustuff in April. Soon after, the actors behind...

October 18, 2019

THREAT RESEARCH

Threat Roundup for October 11 to October 18

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct 11 and Oct 18. As...

October 15, 2019

THREAT RESEARCH

Checkrain fake iOS jailbreak leads to click fraud

Attackers are capitalizing on the recent discovery of a new vulnerability that exists across legacy iOS hardware. Cisco Talos recently discovered a malicious actor using a fake website that claims...

October 11, 2019

THREAT RESEARCH

Threat Roundup for October 4 to October 11

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct 4 and Oct 11. As...

October 11, 2019

THREAT RESEARCH

New IDA Pro plugin provides TileGX support

Cisco Talos has a new plugin available for IDA Pro that provides a new disassembler for TileGX binaries. This tool should assist researchers in reverse-engineering threats in IDA Pro that...

October 4, 2019

THREAT RESEARCH

Threat Roundup for September 27 to October 4

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sep. 27 and Oct 4. As...

September 30, 2019

THREAT RESEARCH

Open Document format creates twist in maldoc landscape

Cisco Talos recently observed attackers changing the file formats they use in an attempt to thwart common antivirus engines.