Cisco Talos Blog

January 24, 2024 08:00

IR Q4 2023 trends: Significant increase in ransomware activity found in engagements, while education remains one of the most-targeted sectors

Talos IR observed operations involving Play, Cactus, BlackSuit and NoEscape ransomware for the first time this quarter.

November 16, 2023 08:00

7 common mistakes companies make when creating an incident response plan and how to avoid them

Avoiding some of these common mistakes ensures your organization’s plan will be updated faster and is more thorough, so you are ready to act when, not if, an incident happens.

October 17, 2023 12:00

Why logging is one of the most overlooked aspects of incident response, and how Cisco Talos IR can help

As the adoption of digital technologies increases, the volume of log data grows, which makes it challenging for cybersecurity teams to identify which logs are most valuable when investigating and analyzing threats.

September 14, 2023 08:00

How Cisco Talos IR helped a healthcare company quickly resolve a Qakbot attack

A healthcare company recently detected a potential Qakbot infection early, and with the help of the Talos IR team, evicted the threat actor from their network quickly before any harm could come to the organization or its customers.

July 26, 2023 08:00

Incident Response trends Q2 2023: Data theft extortion rises, while healthcare is still most-targeted vertical

Ransomware was the second most-observed threat this quarter, accounting for 17 percent of engagements, a slight increase from last quarter’s 10 percent.

June 29, 2023 08:00

How Talos IR’s Purple Team can help you prepare for the worst-case scenario

A Purple Team exercise is a collaborative approach between offensive (Red) teams and defensive (Blue) teams.

June 2, 2023 08:00

Cybersecurity for businesses of all sizes: A blueprint for protection

Developing a robust cybersecurity practice involves implementing multiple layers of security measures that are interconnected and continually monitored, including training and awareness programs to ensure that employees follow best practices.

April 26, 2023 08:00

Quarterly Report: Incident Response Trends in Q1 2023

In 45 percent of engagements, attackers exploited public-facing applications to establish initial access, a significant increase from 15 percent the previous quarter.

April 10, 2023 07:00

Researcher Spotlight: Giannis Tziakouris first learned how to fix his family’s PC, and now he’s fixing networks all over the globe

As a senior incident responder, Giannis helps Cisco Talos Incident Response customers secure and respond to security incidents across the world.