Talos Group

Talos Security Intelligence & Research Group

The Talos Security Intelligence and Research Group (Talos) is made up of leading threat researchers supported by sophisticated systems to create threat intelligence for Cisco products that detects, analyzes and protects against both known and emerging threats. Talos maintains the official rule sets of Snort.org, ClamAV, SenderBase.org and SpamCop. This blog profile is managed by multiple authors with expertise that spans software development, reverse engineering, vulnerability triage, malware investigation and intelligence gathering.

Talos is the primary team that contributes threat information to the Cisco Collective Security Intelligence (CSI) ecosystem. Cisco CSI is shared across multiple security solutions and provides industry-leading security protections and efficacy. In addition to threat researchers, CSI is driven by intelligence infrastructure, product and service telemetry, public and private feeds and the open source community.

Articles

May 11, 2018

THREAT RESEARCH

Threat Roundup for May 04 – 11

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 4 and May 11. As with previous round-ups, this post isn't meant to be an...

May 9, 2018

THREAT RESEARCH

Gandcrab Ransomware Walks its Way onto Compromised Sites

1 min read

While we've seen cryptocurrency miners overtake ransomware as the most popular malware on the threat landscape, Gandcrab is proof that ransomware can still strike at any time.

May 8, 2018

THREAT RESEARCH

Wipers – Destruction as a means to an end

1 min read

Security threats and attacks come in many shapes and forms, but none have been more impactful than wiper attacks. Attackers who deploy wiper malware have a singular purpose of destroying or disrupting systems and/or data.

May 8, 2018

THREAT RESEARCH

Microsoft Patch Tuesday – May 2018

1 min read

Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 67 new vulnerabilities,...

May 7, 2018

THREAT RESEARCH

Vulnerability Spotlight: MySQL Multi-Master Manager Remote Command Injection Vulnerability

1 min read

Today, Talos is releasing details of a new vulnerability within MySQL Multi-Master Manager. This is used to perform monitoring, failover and management of MySQL master-master replication configurations.

May 4, 2018

THREAT RESEARCH

Threat Round Up for April 27 to May 04

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 27 and May 4. As with previous roundups, this post isn't meant to be an...

April 27, 2018

THREAT RESEARCH

Talos Threat Round Up for April 20-27

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 06 and April 13. As with previous round-ups, this post isn't meant to be an...

April 26, 2018

THREAT RESEARCH

Vulnerability Spotlight: Hyland Perceptive Document Filters Multiple Vulnerabilities

1 min read

Talos has discovered multiple vulnerabilities in Hyland Perceptive Document Filters software. This software is a toolkit that allows developers to read and extract metadata from a file.

April 26, 2018

THREAT RESEARCH

GravityRAT – The Two-Year Evolution Of An APT Targeting India

1 min read

GravityRAT malware has implemented new features, such as file exfiltration, remote command execution capability and anti-vm techniques. Consistent evolution and innovation beyond standard remote code execution is concerning.