Stop running security in passive mode
As we begin a new year, we wanted to address one of the biggest issues we consistently see in our investigations: passive security. Incident response engagements are an important part of our work and the intelligence-gathering process and their associated reports can be a treas
How CVSS 4.0 changes (or doesn’t) the way we see vulnerability severity
While distilling risk down to a simple numerical score is helpful for many in the security space, it is also an imperfect system that can often leave out important context.
How are user credentials stolen and used by threat actors?
You’ve probably heard the phrase, “Attackers don’t hack anyone these days. They log on.” In this blog, we describe the various tools and techniques bad actors are using to steal credentials so they can 'log on' with valid account details, and outline our recommendations for defense.
7 common mistakes companies make when creating an incident response plan and how to avoid them
Avoiding some of these common mistakes ensures your organization’s plan will be updated faster and is more thorough, so you are ready to act when, not if, an incident happens.
The rise of AI-powered criminals: Identifying threats and opportunities
A major area of impact of AI tools in cybercrime is the reduced need for human involvement in certain aspects of cybercriminal organizations.
Code leaks are causing an influx of new ransomware actors
Cisco Talos is seeing an increasing number of ransomware variants emerge, since 2021, leading to more frequent attacks and new challenges for cybersecurity professionals, particularly regarding actor attribution.
What might authentication attacks look like in a phishing-resistant future?
Even if the internet at large adopts passkeys, attackers can still find a way in.
Implementing an ISO-compliant threat intelligence program
The guidance within ISO 27001 identifies which security controls are appropriate, while ISO 27002 describes the controls in detail and how they can be implemented.
The growth of commercial spyware based intelligence providers without legal or ethical supervision
Commercial spyware has become so notorious that international governments are taking notice and action against it, as evidenced by the Biden administration’s recent Executive Order on commercial spyware.