The Company You Keep – Preparing for supply chain attacks with Talos IR
Organizations must proactively limit supply chain risks through careful selection of the company they keep while preparing to respond to an incident that will invariably originate from the supply chain.
The benefits of taking an intent-based approach to detecting Business Email Compromise
There are many ways to approach this growing threat, but here's why Talos feels intent-based protection is the best.
Developer account body snatchers pose risks to the software supply chain
Cisco Talos examined several frequently used code repositories. We looked specifically at the security afforded to developer accounts, and how difficult it would be for an attacker to take over a developer account.
Insider Threats: Your employees are being used against you
Over the past six months to a year, we have seen an increasing amount of incident response engagements involving malicious insiders and unwitting assets being compromised via social engineering.
Our current world, health care apps and your personal data
In the wake of the U.S. Supreme Court’s ruling in Dobbs v. Jackson Women’s Health Organization that reversed previous interpretations of the 14th amendment on privacy from Roe v. Wade, users of sensitive health apps need to be mindful of the kinds of data these apps keep, sell and share.
Small-time cybercrime is about to explode — We aren’t ready
The cybersecurity industry tends to focus on extremely large-scale or sophisticated, state-sponsored attacks. Rightfully so, as it can be the most interesting, technically speaking. When most people think of cybercrime they think of large-scale breaches because that’s what domin
Ukraine war spotlights agriculture sector's vulnerability to cyber attack
The war in Ukraine has caused massive problems for global food supplies, underscoring the high impact of disruptive events to agriculture entities and related organizations. * The challenges to the Ukrainian agriculture sector imposed by the war--and global ripple effects--have
Small-time cybercrime is about to explode — We aren't ready
The cybersecurity industry tends to focus on extremely large-scale or sophisticated, state-sponsored attacks. Rightfully so, as it can be the most interesting, technically speaking. When most people think of cybercrime they think of large-scale breaches because that's what d
On the Radar: Is 2022 the year encryption is doomed?
Senior managers responsible for information security should take stock of the encryption algorithms in use within their systems and plan their move to quantum-secure algorithms.