Cisco Talos Intelligence Blog

January 24, 2023 09:01

Threat Landscape Topic Summary Report: Cisco Talos Year in Review 2022

In this section, we provide an overview of the general threat landscape throughout 2022 and major trends based on telemetry sets gathered across Talos.

January 10, 2023 12:01

Increasing trust, commitment, and predictability during a remote incident response

In this blog post, Cisco Talos Incident Response (Talos IR) presents some of the key benefits of remote IR support and offers a list of recommendations for working on a remote incident.

January 10, 2023 09:01

APT Topic Summary Report: Cisco Talos Year in Review 2022

State-sponsored or state-aligned advanced persistent threats (APTs) adapted to the changing geopolitical landscape in 2022. Cisco Talos observed several offensive cyber campaigns linked to several groups stemming from Russia, Iran, China, North Korea, and countries in the Indian subcontinent...

December 14, 2022 12:12

Ukraine Topic Summary Report: Cisco Talos Year in Review 2022

Talos’ support for Ukraine has lead us to launch a task force to monitor critical infrastructure - identifying threats, remediating attacks, and gathering information. Discover the top adversaries, threats, and behavior trends Talos has observed this past year in Ukraine.

December 14, 2022 08:12

Talos Year in Review 2022

We expect this data-driven story will shed some insight into Cisco’s and the security community’s most notable successes and remaining challenges. As these Year in Review reports continue in the future, we aim to help explain how the threat landscape changes from one year to the next.

December 8, 2022 11:12

2022 Year in Review Livestream

Did you miss our livestream focused on the Ukraine topics presented in the Cisco Talos Year in Review report? Join host Hazel Burton and special guests Kendall McKay, Nick Randolph, and Vanja Svajcer as they discuss Talos' now-years-long critical infrastructure effort in Ukraine.

November 8, 2022 11:11

Emotet coming in hot

Emotet is a ubiquitous and well-known banking trojan that has evolved over the years to become a very successful modular botnet capable of dropping a variety of other threats. Even after a global takedown campaign in early 2021 disrupted the botnet, it reemerged later that year,

November 1, 2022 15:11

Threat Advisory: High Severity OpenSSL Vulnerabilities

In late October two new buffer overflow vulnerabilities, CVE-2022-3602 and CVE-2022-3786, were announced in OpenSSL versions 3.0.0 to 3.0.6. These vulnerabilities can be exploited by sending an X.509 certificate with a specially crafted email address, potentially causing a buffer

September 30, 2022 17:09

Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server

Even organizations that use Exchange Online may still be affected if they run a hybrid server.