Available now: 2024 Year in Review
Download Talos' 2024 Year in Review now, and access key insights on the top targeted vulnerabilities of the year, network-based attacks, email threats, adversary toolsets, identity attacks, multi-factor authentication (MFA) abuse, ransomware and AI-based attacks.
Care what you share
In this week’s newsletter, Thorsten muses on how search engines and AI quietly gather your data while trying to influence your buying choices. Explore privacy-friendly alternatives and get the scoop on why it's important to question the platforms you interact with online.
Unmasking the new XorDDoS controller and infrastructure
Cisco Talos observed the ongoing global spread of the XorDDoS malware, predominantly targeting the United States, with evidence suggesting Chinese-speaking operators are using sophisticated tools to orchestrate widespread attacks.
Year in Review: The biggest trends in ransomware
This week, our Year in Review spotlight is on ransomware—where low-profile tactics led to high-impact consequences. Download our 2 page ransomware summary, or watch our 55 second video.
Eclipse and STMicroelectronics vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities found in Eclipse ThreadX and four vulnerabilities in STMicroelectronics. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adh
Threat actors thrive in chaos
Martin delves into how threat actors exploit chaos, offering insights from Talos' 2024 Year in Review on how to fortify defenses against evolving email lures and frequently targeted vulnerabilities, even amidst economic disruption.
Unraveling the U.S. toll road smishing scams
Cisco Talos has observed a widespread and ongoing financial theft SMS phishing (smishing) campaign since October 2024 that targets toll road users in the United States of America.
Microsoft Patch Tuesday for April 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for April of 2025 which includes 126 vulnerabilities affecting a range of products, including 11 that Microsoft has marked as “critical”.
Year in Review: Key vulnerabilities, tools, and shifts in attacker email tactics
From Talos' 2024 Year in Review, here are some findings from the top targeted network device vulnerabilities. We also explore how threat actors are moving away from time sensitive lures in their emails. And finally we reveal the tools that adversaries most heavily utilized last year.