Avatar

Talos Group

Talos Security Intelligence & Research Group

The Talos Security Intelligence and Research Group (Talos) is made up of leading threat researchers supported by sophisticated systems to create threat intelligence for Cisco products that detects, analyzes and protects against both known and emerging threats. Talos maintains the official rule sets of Snort.org, ClamAV, SenderBase.org and SpamCop. This blog profile is managed by multiple authors with expertise that spans software development, reverse engineering, vulnerability triage, malware investigation and intelligence gathering.

Talos is the primary team that contributes threat information to the Cisco Collective Security Intelligence (CSI) ecosystem. Cisco CSI is shared across multiple security solutions and provides industry-leading security protections and efficacy. In addition to threat researchers, CSI is driven by intelligence infrastructure, product and service telemetry, public and private feeds and the open source community.

Articles

November 27, 2018

THREAT RESEARCH

DNSpionage Campaign Targets Middle East

1 min read

DNSpionage Campaign Targets Middle East This blog post was authored by Warren Mercer and Paul Rascagneres. Executive Summary Cisco Talos recently discovered a new campaign targeting Lebanon and the United...

November 16, 2018

THREAT RESEARCH

Threat Roundup for November 9 to November 16

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 09 and Nov. 16. As with previous roundups, this post isn't meant to be an...

November 9, 2018

THREAT RESEARCH

Threat Roundup for November 2 to November 9

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 02 and Nov. 09. As with previous roundups, this post isn't meant to be an...

November 6, 2018

THREAT RESEARCH

CyberVets U.S.A.: The Mission After Transition

2 min read

Christopher Marshall, a veteran of the U.S. Navy, currently serves as Director of Cybersecurity Research for Cisco Talos Intelligence Group. As a veteran of the U.S....

November 8, 2018

THREAT RESEARCH

Metamorfo Banking Trojan Keeps Its Sights on Brazil

1 min read

Cisco Talos recently identified two ongoing malware distribution campaigns being used to infect victims with banking trojans, specifically financial institutions' customers in Brazil.

November 5, 2018

THREAT RESEARCH

Persian Stalker pillages Iranian users of Instagram and Telegram

1 min read

State-sponsored actors have a number of different techniques at their disposal to remotely gain access to social media and secure messaging applications. Starting in 2017 and continuing through 2018, Cisco...

November 2, 2018

THREAT RESEARCH

Threat Roundup for October 26 to November 2

1 min read

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Oct. 26 and Nov....

November 1, 2018

THREAT RESEARCH

Talos Vulnerability Deep Dive – TALOS-2018-0636 / CVE-2018-3971 Sophos HitmanPro.Alert vulnerability

1 min read

Overview After disclosing two vulnerabilities in Sophos HitmanPro.Alert on Thursday, Cisco Talos will show you the process of developing an exploit for one of these bugs. We will take...

October 31, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Vulnerabilities in Yi Technology Home Camera

1 min read

Vulnerabilities Discovered by Lilith [x_x] of Cisco Talos. Overview Cisco Talos is disclosing multiple vulnerabilities in the firmware of the Yi Technology Home Camera. In order to prevent the exploitation...