Talos IR trends Q3 2024: Identity-based operations loom large
Credential theft was the main goal in 25% of incidents last quarter, and new ransomware variants made their appearance - read more about the top trends, TTPs, and security weaknesses that facilitated adversary actions.
Protecting major events: An incident response blueprint
Go behind the scenes with Talos incident responders and learn from what we've seen in the field.
BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks
In recent investigations, Talos Incident Response has observed the BlackByte ransomware group using techniques that depart from their established tradecraft. Read the full analysis.
IR Trends: Ransomware on the rise, while technology becomes most targeted sector
Although there was a decrease in BEC engagements from last quarter, it was still a major threat for the second quarter in a row.
Talos IR trends: BEC attacks surge, while weaknesses in MFA persist
Within BEC attacks, adversaries will send phishing emails appearing to be from a known or reputable source making a valid request, such as updating payroll direct deposit information.
IR Q4 2023 trends: Significant increase in ransomware activity found in engagements, while education remains one of the most-targeted sectors
Talos IR observed operations involving Play, Cactus, BlackSuit and NoEscape ransomware for the first time this quarter.
7 common mistakes companies make when creating an incident response plan and how to avoid them
Avoiding some of these common mistakes ensures your organization’s plan will be updated faster and is more thorough, so you are ready to act when, not if, an incident happens.
Why logging is one of the most overlooked aspects of incident response, and how Cisco Talos IR can help
As the adoption of digital technologies increases, the volume of log data grows, which makes it challenging for cybersecurity teams to identify which logs are most valuable when investigating and analyzing threats.
How Cisco Talos IR helped a healthcare company quickly resolve a Qakbot attack
A healthcare company recently detected a potential Qakbot infection early, and with the help of the Talos IR team, evicted the threat actor from their network quickly before any harm could come to the organization or its customers.