threat intelligence

March 4, 2019

SECURITY

Top of Mind for RSA Conference 2019

With so many ways to experience RSAC and 5 days to take it in, you may be wondering what is top of mind so that you won’t miss a beat. 

January 14, 2019

SECURITY

SMB and the return of the worm

Watch the threat landscape long enough, and you’ll see that some things are cyclical. Threat types and attack methods fall in and out of fashion. As the use of one...

December 11, 2018

SECURITY

Cryptomining: A sheep or a wolf?

One of, if not the, most prominent motivators for threat actors is money. Whether it’s botnet owners renting out their services for DDoS attacks, tech support scammers cold-calling people to...

June 6, 2018

THREAT RESEARCH

VPNFilter Update – VPNFilter exploits endpoints, targets new devices

Cisco Talos has discovered additional details regarding "VPNFilter," which is targeting more makes/models of devices than initially thought, and has additional capabilities to deliver exploits to endpoints.

May 23, 2018

THREAT RESEARCH

New VPNFilter malware targets at least 500K networking devices worldwide

For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor's widespread use.

April 26, 2018

SECURITY

Perspectives on Cryptomining

If you keep up with trends in security, you’ve likely heard about illicit cryptomining – software that hijacks system resources to generate cryptocurrencies. We’ve been busy updating our product portfolio...

February 26, 2018

THREAT RESEARCH

Who Wasn’t Responsible for Olympic Destroyer?

This blog post is authored by Paul Rascagneres and Martin Lee. Summary Evidence linking the Olympic Destroyer malware to a specific threat actor group is contradictory, and does not allow...

January 26, 2018

SECURITY

Demystifying the API (Using Threat Grid as an Example)

Let's talk about API usage. An API is a means of interacting with a program via another program. Just like a UI is a User Interface, an API is an...

January 23, 2018

DEVELOPER

Explore the Threat Intelligence Capabilities in the Threat Grid API

Cisco Threat Grid offers a powerful combination of automated malware analysis and advanced threat intelligence. Threat Grid is the file analysis backend of all Cisco Advanced Threat Solutions (ATS) products, and is directly usable via a portal account in the cloud deployment or portal access to a local appliance version. What is less well known, […]