Cisco Talos Intelligence Blog

March 29, 2023 08:00

How an incident response retainer can drive proactive security

Whether it be threat hunting, an active defense posture or just improving security instrumentation alerts and logs an organization keeps, it’s best for every user — no matter the size — to be prepared for when a cybersecurity incident or breach occurs.

February 9, 2023 08:09

Beyond the basics: Implementing an active defense

An active defense posture, where the defenders actively use threat intelligence and their own telemetry to uncover potential compromises, is the next stage in the cyber security maturity road. Instead of waiting for detections to trigger, defenders can take initiative and hunt threat actors.

January 24, 2023 07:59

State Sponsored Attacks in 2023 and Beyond

As 2023 begins I wanted to look forward on the future of state sponsored aggression and how we can see it change and evolve over the next year and beyond.

November 8, 2022 09:33

The Company You Keep – Preparing for supply chain attacks with Talos IR

Organizations must proactively limit supply chain risks through careful selection of the company they keep while preparing to respond to an incident that will invariably originate from the supply chain.

October 18, 2022 08:00

The benefits of taking an intent-based approach to detecting Business Email Compromise

There are many ways to approach this growing threat, but here's why Talos feels intent-based protection is the best.

October 4, 2022 08:51

Developer account body snatchers pose risks to the software supply chain

Cisco Talos examined several frequently used code repositories. We looked specifically at the security afforded to developer accounts, and how difficult it would be for an attacker to take over a developer account.

September 22, 2022 07:58

Insider Threats: Your employees are being used against you

Over the past six months to a year, we have seen an increasing amount of incident response engagements involving malicious insiders and unwitting assets being compromised via social engineering.

September 20, 2022 10:00

Our current world, health care apps and your personal data

In the wake of the U.S. Supreme Court’s ruling in Dobbs v. Jackson Women’s Health Organization that reversed previous interpretations of the 14th amendment on privacy from Roe v. Wade, users of sensitive health apps need to be mindful of the kinds of data these apps keep, sell and share.

August 29, 2022 14:45

Small-time cybercrime is about to explode — We aren’t ready

The cybersecurity industry tends to focus on extremely large-scale or sophisticated, state-sponsored attacks. Rightfully so, as it can be the most interesting, technically speaking. When most people think of cybercrime they think of large-scale breaches because that’s what domin