Stop running security in passive mode
As we begin a new year, we wanted to address one of the biggest issues we consistently see in our investigations: passive security. Incident response engagements are an important part of our work and the intelligence-gathering process and their associated reports can be a treas
Adversaries increasingly using vendor and contractor accounts to infiltrate networks
The software supply chain has become a key security focus for many organizations, but the risks associated with supply chain attacks are often misunderstood.
State Sponsored Attacks in 2023 and Beyond
As 2023 begins I wanted to look forward on the future of state sponsored aggression and how we can see it change and evolve over the next year and beyond.
Threat Round up for November 11 to 18
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 11 and Nov. 18. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Insider Threats: Your employees are being used against you
Over the past six months to a year, we have seen an increasing amount of incident response engagements involving malicious insiders and unwitting assets being compromised via social engineering.
Small-time cybercrime is about to explode — We aren’t ready
The cybersecurity industry tends to focus on extremely large-scale or sophisticated, state-sponsored attacks. Rightfully so, as it can be the most interesting, technically speaking. When most people think of cybercrime they think of large-scale breaches because that’s what domin
Cisco Talos shares insights related to recent cyber attack on Cisco
THIS POST IS ALSO AVAILABLE IN: 日本語 (Japanese) Update History DateDescription of UpdatesAug. 10th 2022 Adding clarifying details on activity involving active directory. Aug. 10th 2022 Update made to the Cisco Response and Recommendations section related to MFA. Executive
Small-time cybercrime is about to explode — We aren't ready
The cybersecurity industry tends to focus on extremely large-scale or sophisticated, state-sponsored attacks. Rightfully so, as it can be the most interesting, technically speaking. When most people think of cybercrime they think of large-scale breaches because that's what d
Transparent Tribe begins targeting education sector in latest campaign
* Cisco Talos has been tracking a new malicious campaign operated by the Transparent Tribe APT group. * This campaign involves the targeting of educational institutions and students in the Indian subcontinent, a deviation from the adversary's typical focus on government ent