The LockBit story: Why the ransomware affiliate model can turn takedowns into disruptions
Talos explores the recent law enforcement takedown of LockBit, a prolific ransomware group that claimed to resume their operations 7 days later.
The 3 most common post-compromise tactics on network infrastructure
We discuss three of the most common post-compromise tactics that Talos has observed in our threat telemetry and Cisco Talos Incident Response (Talos IR) engagements. These include modifying the device’s firmware, uploading customized/weaponized firmware, and bypassing security measures.
How are user credentials stolen and used by threat actors?
You’ve probably heard the phrase, “Attackers don’t hack anyone these days. They log on.” In this blog, we describe the various tools and techniques bad actors are using to steal credentials so they can 'log on' with valid account details, and outline our recommendations for defense.
Video series discussing the major threat actor trends from 2023
In this video series, Talos’ Director of Threat Intelligence and Interdiction Matt Olney and Head of Outreach Nick Biasini share their insights on the most significant cybersecurity threats from the past year.
Recommendations that defenders can use from Talos’ Year in Review Report
The 2023 Talos Year in Review is full of insights on how the threat landscape has evolved. But what does that mean for defenders? This blog contains recommendations on how to gain more visibility across your network.
Video: Talos 2023 Year in Review highlights
In this video, experts from across Cisco Talos came together to discuss the 2023 Talos Year in Review. We chat about what’s new, what’s stayed the same, and how the geopolitical environment has affected the threat landscape.
What is threat hunting?
Many organizations are curious about the idea of threat hunting, but what does this really entail? In this video, four experienced security professionals from across Cisco recently sat down to discuss the basics of threat hunting, and how to go about searching for the unknown.
What is Cracktivator software?
Learn about Talos' research into cracked versions of the Microsoft Windows operating system and applications. Discover why the use of cracktivator software is a growing trend.
New open-source infostealer, and reflections on 2023 so far
A new open-source information stealer called ‘SapphireStealer’ has been observed across public malware repositories with increasing frequency. Plus, watch a new series of videos on the year so far in the threat landscape.