Cisco Talos Intelligence Blog

August 14, 2023 08:08

The rise of AI-powered criminals: Identifying threats and opportunities

A major area of impact of AI tools in cybercrime is the reduced need for human involvement in certain aspects of cybercriminal organizations.

August 7, 2023 08:08

Code leaks are causing an influx of new ransomware actors

Cisco Talos has been seeing an increasing number of ransomware variants emerge since 2021, leading to more frequent attacks and new challenges for cybersecurity professionals, particularly regarding actor attribution.

July 25, 2023 07:07

What might authentication attacks look like in a phishing-resistant future?

Even if the internet at large adopts passkeys, attackers can still find a way in.

July 18, 2023 08:07

Implementing an ISO-compliant threat intelligence program

The guidance within ISO 27001 identifies which security controls are appropriate, while ISO 27002 describes the controls in detail and how they can be implemented.

July 6, 2023 08:07

The growth of commercial spyware based intelligence providers without legal or ethical supervision

Commercial spyware has become so notorious that international governments are taking notice and action against it, as evidenced by the Biden administration’s recent Executive Order on commercial spyware.

June 13, 2023 08:06

".Zip" top-level domains draw potential for information leaks

As a result of user applications increasingly registering actual “.zip” files as URLs, these filenames may trigger unintended DNS queries or web requests, thereby revealing possibly sensitive or internal company data in a file’s name to any actor monitoring the associated DNS server.

June 6, 2023 08:06

Adversaries increasingly using vendor and contractor accounts to infiltrate networks

The software supply chain has become a key security focus for many organizations, but the risks associated with supply chain attacks are often misunderstood.

April 13, 2023 00:04

How threat actors are using AI and other modern tools to enhance their phishing attempts

Tools like ChatGPT aren't making social engineering attacks any more effective, but they do make it faster for actors to write up phishing emails.

March 29, 2023 08:03

How an incident response retainer can drive proactive security

Whether it be threat hunting, an active defense posture or just improving security instrumentation alerts and logs an organization keeps, it’s best for every user — no matter the size — to be prepared for when a cybersecurity incident or breach occurs.