Avatar

Talos Group

Talos Security Intelligence & Research Group

The Talos Security Intelligence and Research Group (Talos) is made up of leading threat researchers supported by sophisticated systems to create threat intelligence for Cisco products that detects, analyzes and protects against both known and emerging threats. Talos maintains the official rule sets of Snort.org, ClamAV, SenderBase.org and SpamCop. This blog profile is managed by multiple authors with expertise that spans software development, reverse engineering, vulnerability triage, malware investigation and intelligence gathering.

Talos is the primary team that contributes threat information to the Cisco Collective Security Intelligence (CSI) ecosystem. Cisco CSI is shared across multiple security solutions and provides industry-leading security protections and efficacy. In addition to threat researchers, CSI is driven by intelligence infrastructure, product and service telemetry, public and private feeds and the open source community.

Articles

November 8, 2019

THREAT RESEARCH

Threat Roundup for November 1 to November 8

Talos is publishing a glimpse into the most prevalent threats we've observed between Nov 1 and Nov8.

November 5, 2019

THREAT RESEARCH

How Adversaries Use Politics for Compromise

Cisco Talos recently discovered several malware distribution campaigns where the adversaries were utilizing the names and likenesses of several prominent political figures.

November 4, 2019

THREAT RESEARCH

C2 With It All: From Ransomware To Carding

  Cisco Talos recently discovered a new server hosting a large stockpile of malicious files. Our analysis of these files shows that these attackers were able to obtain a deep...

November 1, 2019

THREAT RESEARCH

Threat Roundup for October 25 to November 1

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct 25 and Nov 1. As...

October 30, 2019

THREAT RESEARCH

The commoditization of mobile espionage software

Mobile stalkerware has all sorts of wide-ranging consequences. The creators of these types of apps can track user's locations, see their social media usage and more. And they certainly open...

October 25, 2019

THREAT RESEARCH

Threat Roundup for October 18 to October 25

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct 18 and Oct 25. As...

October 21, 2019

THREAT RESEARCH

Gustuff return, new features for victims

The Gustuff banking trojan is back with new features, months after initially appearing targeting financial institutions in Australia. Cisco Talos first reported on Gustuff in April. Soon after, the actors behind...

October 18, 2019

THREAT RESEARCH

Threat Roundup for October 11 to October 18

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct 11 and Oct 18. As...

October 15, 2019

THREAT RESEARCH

Checkrain fake iOS jailbreak leads to click fraud

Attackers are capitalizing on the recent discovery of a new vulnerability that exists across legacy iOS hardware. Cisco Talos recently discovered a malicious actor using a fake website that claims...