threat intelligence

June 6, 2018

THREAT RESEARCH

VPNFilter Update – VPNFilter exploits endpoints, targets new devices

Cisco Talos has discovered additional details regarding "VPNFilter," which is targeting more makes/models of devices than initially thought, and has additional capabilities to deliver exploits to endpoints.

May 23, 2018

THREAT RESEARCH

New VPNFilter malware targets at least 500K networking devices worldwide

For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor's widespread use.

April 26, 2018

SECURITY

Perspectives on Cryptomining

If you keep up with trends in security, you’ve likely heard about illicit cryptomining – software that hijacks system resources to generate cryptocurrencies. We’ve been busy updating our product portfolio...

February 26, 2018

THREAT RESEARCH

Who Wasn’t Responsible for Olympic Destroyer?

This blog post is authored by Paul Rascagneres and Martin Lee. Summary Evidence linking the Olympic Destroyer malware to a specific threat actor group is contradictory, and does not allow...

January 26, 2018

SECURITY

Demystifying the API (Using Threat Grid as an Example)

Let's talk about API usage. An API is a means of interacting with a program via another program. Just like a UI is a User Interface, an API is an...

January 23, 2018

DEVELOPER

Explore the Threat Intelligence Capabilities in the Threat Grid API

Cisco Threat Grid offers a powerful combination of automated malware analysis and advanced threat intelligence. Threat Grid is the file analysis backend of all Cisco Advanced Threat Solutions (ATS) products, and is directly usable via a portal account in the cloud deployment or portal access to a local appliance version. What is less well known, […]

November 27, 2017

SECURITY

#CiscoChat Podcast: Cisco and INTERPOL Join Forces to Fight Cybercrime

On 21 November 2017, Cisco and INTERPOL announced an agreement to share threat intelligence and jointly fighting cybercrime. In this podcast, I talk about the significance of this global agreement.

August 28, 2017

SECURITY

What’s in a Name? Threat Intelligence, Artificial Intelligence, and Extreme Snack Foods

What is in a name? A lot, actually. A rose by any other name would certainly smell just as sweet. But if I sold you a dozen dandelions, calling them roses, as the perfect Valentine’s Day gift for your sweetheart, neither of you would be none too pleased, would you? It makes me think of […]

August 7, 2017

SECURITY

Open Source Threat Intel: GOSINT

It’s our pleasure to announce the public availability of GOSINT – the open source intelligence gathering and processing framework. GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you are applying research […]