Talos Group

Talos Security Intelligence & Research Group

The Talos Security Intelligence and Research Group (Talos) is made up of leading threat researchers supported by sophisticated systems to create threat intelligence for Cisco products that detects, analyzes and protects against both known and emerging threats. Talos maintains the official rule sets of Snort.org, ClamAV, SenderBase.org and SpamCop. This blog profile is managed by multiple authors with expertise that spans software development, reverse engineering, vulnerability triage, malware investigation and intelligence gathering.

Talos is the primary team that contributes threat information to the Cisco Collective Security Intelligence (CSI) ecosystem. Cisco CSI is shared across multiple security solutions and provides industry-leading security protections and efficacy. In addition to threat researchers, CSI is driven by intelligence infrastructure, product and service telemetry, public and private feeds and the open source community.

Articles

June 12, 2018

THREAT RESEARCH

Microsoft Patch Tuesday – June 2018

1 min read

Microsoft released its monthly security advisories, including 50 flaws (11 of them "critical") impacting Microsoft Edge, Internet Explorer, Chakra Scripting Engine, Windows DNSAPI, Microsoft Office, Windows Kernel and more.

June 6, 2018

THREAT RESEARCH

VPNFilter Update – VPNFilter exploits endpoints, targets new devices

1 min read

Cisco Talos has discovered additional details regarding "VPNFilter," which is targeting more makes/models of devices than initially thought, and has additional capabilities to deliver exploits to endpoints.

June 4, 2018

THREAT RESEARCH

Vulnerability Spotlight: TALOS-2018-0535 – Ocularis Recorder VMS_VA Denial of Service Vulnerability

1 min read

Talos is disclosing a denial-of-service vulnerability in the Ocularis Recorder. Ocularis is a video management software (VMS) platform used in a variety of settings, from convenience stores, to city-wide deployments....

May 31, 2018

THREAT RESEARCH

NavRAT Uses US-North Korea Summit As Decoy For Attacks In South Korea

1 min read

Talos discovered a malicious Hangul Word Processor (HWP) document targeting Korean users. If the malicious document is opened, a remote access trojan, "NavRAT," is downloaded; it has command execution and keylogging capabilities.

May 31, 2018

THREAT RESEARCH

Vulnerability Spotlight: Natus NeuroWorks Multiple Vulnerabilities

1 min read

In April 2018, Talos published 5 vulnerabilities in Natus NeuroWorks software. We have identified 3 additional vulnerabilities in the Natus Xltek EEG medical products from Natus Medical Inc.

May 26, 2018

THREAT RESEARCH

Threat Roundup for May 18-25

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 18 and May 25. As with previous round-ups, this post isn't meant to be an...

May 23, 2018

THREAT RESEARCH

New VPNFilter malware targets at least 500K networking devices worldwide

2 min read

For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor's widespread use.

May 16, 2018

THREAT RESEARCH

TeleGrab – Grizzly Attacks on Secure Messaging

1 min read

Over the past month-and-a-half, Talos has seen the emergence of a malware that collects cache and key files from end-to-end encrypted instant messaging service Telegram. This malware was first seen...

May 15, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Adobe Acrobat Reader DC Vulnerabilities

1 min read

New details of JavaScript vulnerabilities within Adobe Acrobat Reader DC, discovered by Aleksandar Nikolic of Cisco Talos.