Cisco Talos Blog

September 26, 2024 14:00

Are hardware supply chain attacks “cyber attacks?”

It shouldn’t just be viewed as a cybersecurity issue, because for a hardware supply chain attack, an adversary would likely need to physically infiltrate or tamper with the manufacturing process.

September 19, 2024 14:00

Talk of election security is good, but we still need more money to solve the problem

This year, Congress only allocated $55 million in federal grant dollars to states for security and other election improvements.

September 12, 2024 14:00

We can try to bridge the cybersecurity skills gap, but that doesn’t necessarily mean more jobs for defenders

A June report from CyberSeek found that there are only enough skilled workers to fill 85 percent of cybersecurity jobs in America.

September 5, 2024 14:00

The best and worst ways to get users to improve their account security

In my opinion, mandatory enrollment is best enrollment.

August 29, 2024 14:00

What kind of summer has it been?

As we head into the final third of 2024, we caught up with Talos' Nick Biasini to ask him about the biggest shifts and trends in the threat landscape so far. Turns out, he has two major areas of concern.

August 22, 2024 14:00

No, not every Social Security number in the U.S. was stolen

It’s not unusual for a threat actor to exaggerate the extent of a hack or breach to drum up interest, and hopefully, the eventual purchase or ransom price.

August 15, 2024 14:00

AI, election security headline discussions at Black Hat and DEF CON

Voting Village co-founder Harri Hursti told Politico the list of vulnerabilities ran “multiple pages.”

August 8, 2024 14:00

The top stories coming out of the Black Hat cybersecurity conference

As with everything nowadays, politics are sure to come into play.

August 1, 2024 14:00

There is no real fix to the security issues recently found in GitHub and other similar software

The lesson for users, especially if you’re a private company that primarily uses GitHub, is just to understand the inherent dangers of using open-source software.