
Talos Group

Talos Security Intelligence & Research Group

The Talos Security Intelligence and Research Group (Talos) is made up of leading threat researchers supported by sophisticated systems to create threat intelligence for Cisco products that detects, analyzes and protects against both known and emerging threats. Talos maintains the official rule sets of Snort.org, ClamAV, SenderBase.org and SpamCop. This blog profile is managed by multiple authors with expertise that spans software development, reverse engineering, vulnerability triage, malware investigation and intelligence gathering.

Talos is the primary team that contributes threat information to the Cisco Collective Security Intelligence (CSI) ecosystem. Cisco CSI is shared across multiple security solutions and provides industry-leading security protections and efficacy. In addition to threat researchers, CSI is driven by intelligence infrastructure, product and service telemetry, public and private feeds and the open source community.

Articles

August 2, 2018

THREAT RESEARCH

Exploitable or Not Exploitable? Using REVEN to Examine a NULL Pointer Dereference.

1 min read

It can be very time-consuming to determine if a bug is exploitable or not. In this post, we’ll show how to decide if a vulnerability is exploitable by tracing back...

July 31, 2018

THREAT RESEARCH

Multiple Cobalt Personality Disorder

1 min read

Despite the notion that modern cybersecurity protocols have stopped email-based attacks, email continues to be one of the primary attack vectors for malicious actors — both for widespread and targeted...

July 27, 2018

THREAT RESEARCH

Threat Roundup for July 20-27

1 min read

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we've observed this week — covering the dates between July 20 and 27....

July 26, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Vulnerabilities in Samsung SmartThings Hub

1 min read

These vulnerabilities were discovered by Claudio Bozzato of Cisco Talos. Cisco Talos recently discovered several vulnerabilities present within the firmware of the Samsung SmartThings Hub. In accordance with our coordinated...

July 24, 2018

THREAT RESEARCH

Advanced Mobile Malware Campaign in India uses Malicious MDM – Part 2

1 min read

This blog post is authored by Warren Mercer and Paul Rascagneres and Andrew Williams. Summary Since our initial post on malicious mobile device management (MDM) platforms, we have gathered...

July 23, 2018

THREAT RESEARCH

TalosIntelligence.com is rolling out a new dispute system

1 min read

At Cisco Talos, we need customers to be able to provide feedback at all times, whether it be about false positives, false negatives, or missed categories. Because we deal with...

July 20, 2018

THREAT RESEARCH

Threat Roundup for July 13-20

1 min read

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we've observed this week — covering the dates between July 13 and 20....

July 20, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Vulnerabilities in Sony IPELA E Series Camera

1 min read

Today, Cisco Talos is disclosing several vulnerabilities discovered with the Sony IPELA E Series Network Camera. Sony IPELA Cameras are network-facing cameras used for monitoring and surveillance.

July 19, 2018

THREAT RESEARCH

Blocking Cryptocurrency Mining with Cisco Talos

1 min read

The value of cryptocurrencies has fluctuated wildly, but the value is still high enough to garner a lot of attention, both legitimate and malicious. Most of the malicious...