Talos Group

Talos Security Intelligence & Research Group

The Talos Security Intelligence and Research Group (Talos) is made up of leading threat researchers supported by sophisticated systems to create threat intelligence for Cisco products that detects, analyzes and protects against both known and emerging threats. Talos maintains the official rule sets of Snort.org, ClamAV, SenderBase.org and SpamCop. This blog profile is managed by multiple authors with expertise that spans software development, reverse engineering, vulnerability triage, malware investigation and intelligence gathering.

Talos is the primary team that contributes threat information to the Cisco Collective Security Intelligence (CSI) ecosystem. Cisco CSI is shared across multiple security solutions and provides industry-leading security protections and efficacy. In addition to threat researchers, CSI is driven by intelligence infrastructure, product and service telemetry, public and private feeds and the open source community.

Articles

July 19, 2018

THREAT RESEARCH

Vulnerability Spotlight: Foxit PDF Reader JavaScript Remote Code Execution Vulns

1 min read

Overview: Discovered by Aleksandar Nikolic of Cisco Talos. Talos is disclosing a pair of vulnerabilities in Foxit PDF Reader. Foxit PDF...

July 19, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Vulnerabilities in ACD Systems Canvas Draw 4

1 min read

These vulnerabilities were discovered by Tyler Bohan of Cisco Talos. Today, Talos is disclosing several vulnerabilities that have been identified in the Canvas Draw graphics editing tool for...

July 13, 2018

THREAT RESEARCH

Threat Roundup for July 6-13

1 min read

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we've observed this week — covering the dates between July 6 and 13....

July 12, 2018

THREAT RESEARCH

Advanced Mobile Malware Campaign in India uses Malicious MDM

1 min read

Cisco Talos has identified a highly targeted campaign against 13 iPhones which appears to be focused on India. The attacker deployed an open-source mobile device management (MDM) system to control enrolled devices.

July 11, 2018

THREAT RESEARCH

Vulnerability Spotlight: Computerinsel Photoline Multiple Vulnerabilities

1 min read

Cisco Talos is disclosing several vulnerabilities within Computerinsel PhotoLine, an image processing tool used to modify and edit images and graphics. The vulnerabilities are present in the parsing functionality.

July 10, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Antenna House Vulnerabilities

1 min read

Cisco Talos has identified six vulnerabilities in the Antenna House Office Server Document Converter (OSDC). These vulnerabilities can be used to remotely execute code on a vulnerable system.

July 10, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Adobe Acrobat DC Remote Code Execution Vulnerabilities

1 min read

Today, Talos is releasing details of new vulnerabilities within Adobe Acrobat Reader DC that trick a user into visiting a malicious web page.

July 6, 2018

THREAT RESEARCH

Threat Roundup for June 29 to July 6th

1 min read

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we've observed this week — covering the dates between June 29 and July...

July 3, 2018

THREAT RESEARCH

Smoking Guns – Smoke Loader learned new tricks

1 min read

Cisco Talos has been tracking a new version of Smoke Loader — a malicious application that can be used to load other malware — for the past several months following...