Talos Group

Talos Security Intelligence & Research Group

The Talos Security Intelligence and Research Group (Talos) is made up of leading threat researchers supported by sophisticated systems to create threat intelligence for Cisco products that detects, analyzes and protects against both known and emerging threats. Talos maintains the official rule sets of Snort.org, ClamAV, SenderBase.org and SpamCop. This blog profile is managed by multiple authors with expertise that spans software development, reverse engineering, vulnerability triage, malware investigation and intelligence gathering.

Talos is the primary team that contributes threat information to the Cisco Collective Security Intelligence (CSI) ecosystem. Cisco CSI is shared across multiple security solutions and provides industry-leading security protections and efficacy. In addition to threat researchers, CSI is driven by intelligence infrastructure, product and service telemetry, public and private feeds and the open source community.

Articles

July 26, 2019

THREAT RESEARCH

Threat Roundup for July 19 to July 26

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 19 and July 26. As...

July 22, 2019

THREAT RESEARCH

Let’s Destroy Democracy

Election security through an adversary’s eyes. This post was authored by Matt Olney.

July 19, 2019

THREAT RESEARCH

Threat Roundup for July 12 to July 19

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 12 and July 19. As...

July 15, 2019

THREAT RESEARCH

SWEED: Exposing years of Agent Tesla campaigns

By Edmund Brumaghin and other Cisco Talos researchers. Executive summary: Cisco Talos recently identified a large number of ongoing malware distribution campaigns linked to a threat actor we're calling "SWEED,"...

July 12, 2019

THREAT RESEARCH

Threat Roundup for July 5 to July 12

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 5 and July 12. As...

July 11, 2019

THREAT RESEARCH

Should governments pay extortion payments after a ransomware attack?

When it comes to ransomware attacks this year, it’s been a tale of three cities. In May, the city of Baltimore suffered a massive ransomware attack that took many of its...

July 9, 2019

THREAT RESEARCH

Sea Turtle Keeps on Swimming

By Danny Adamitis with contributions from Paul Rascagneres. Executive summary: After several months of activity, the actors behind the "Sea Turtle" DNS hijacking campaign are not slowing down. Cisco Talos recently discovered...

July 5, 2019

THREAT RESEARCH

Threat Roundup for June 28 to July 5

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 28 and July 5. As...