Five defender priorities from the Talos Year in Review
With attackers moving faster than ever, it’s easy to feel overwhelmed. This blog breaks down five practical priorities from the Cisco Talos 2025 Year in Review to help defenders focus and prioritize, amidst all the noise.
[Podcast] It's not you, it's your printer: State-sponsored and phishing threats in 2025
In this episode of Talos Takes, Amy and Martin Lee unpack state-sponsored and phishing trends from the 2025 Talos Year in Review.
Phishing and MFA exploitation: Targeting the keys to the kingdom
In 2025, attackers increasingly targeted weaknesses in multi-factor authentication (MFA) workflows, and phishing attacks leveraged valid, compromised credentials to launch lures from trusted accounts. The trends focused entirely on trust, or the lack thereof, in everyday business operations.
State-sponsored threats: Different objectives, similar access paths
A look at 2025 state-sponsored threats, exploring how actors linked to China, Russia, North Korea, and Iran use vulnerabilities, identity, and trusted access paths to achieve their goals.
[Video] The TTP Ep. 22: The Collapse of the Patch Window
In this episode of The Talos Threat Perspective, we discuss how vulnerability exploitation is accelerating, and why attacker speed, AI, and exposed systems are affecting the patch window.
From the field to the report and back again: How incident responders can use the Year in Review
The Year in Review distills Talos IR's observations into structured intelligence, but defenders should also be feeding this report back into their own preparation cycles. Here's how.
Talos Takes: 2025's ransomware trends and zombie vulnerabilities
In this episode of Talos Takes, Amy and Pierre Cadieux unpack the ransomware and vulnerability trends that defined 2025.
Year in Review: Vulnerabilities old and new and something React2
The year was characterized by an unending beat-down on infrastructure that relied on older enmeshed dependencies (e.g., Log4j and PHPUnit), while React2Shell rocketed to the highest percentage of attacks for the entire year within the last three weeks of 2025.
[Video] The TTP Ep 21: When Attackers Become Trusted Users
An episode of the Talos Threat Perspective on the 2025 Year in Review trends. We explore how identity is being used to gain, extend, and maintain access inside environments.
Inside the Talos 2025 Year in Review: A discussion on what the data means for defenders
A conversation between Cisco Talos and Cisco Security leaders on the 2025 threat landscape, from identity attacks and legacy vulnerabilities to AI-driven threats, and what defenders should prioritize now.
Ransomware in 2025: Blending in is the strategy
A summary of the top ransomware trends from the Talos 2025 Year in Review, with a focus on identity, attacker tactics, and practical defenses.
Talos Takes: 2025 insights from Talos and Splunk
This episode of Talos Takes breaks down the 2025 Year in Review as well as Splunk's Top 50 Cybersecurity Threats report.
Beers with Talos breaks down the 2025 Talos Year in Review
The Beers with Talos team unpack the biggest cybersecurity threats of 2025, from React2Shell to ransomware and identity abuse, and what it all means for defenders going forward.
2025 Talos Year in Review: Speed, scale, and staying power
The 2025 Talos Year in Review is available now. Understand evolving adversary playbooks and how to strengthen your organization’s defenses.
Year in Review: AI based threats
2024 wasn't the year that AI rewrote the cybercrime playbook — but it did turbocharge some of the old tricks. Read this summary of AI-based threats, from Talos' 2024 Year in Review.
Year in Review: Attacks on identity and MFA
For the third topic for Talos' 2024 Year in Review, we tell the story of how identity has become the pivot point for adversarial campaigns.
Year in Review: The biggest trends in ransomware
This week, our Year in Review spotlight is on ransomware—where low-profile tactics led to high-impact consequences. Download our 2 page ransomware summary, or watch our 55 second video.
Year in Review: Key vulnerabilities, tools, and shifts in attacker email tactics
From Talos' 2024 Year in Review, here are some findings from the top targeted network device vulnerabilities. We also explore how threat actors are moving away from time sensitive lures in their emails. And finally we reveal the tools that adversaries most heavily utilized last year.
Year in Review: In conversation with the report's authors
Want to know the most notable findings in Talos' Year in Review directly from our report's authors? Watch our two part video series.
Beers with Talos: Year in Review episode
In this podcast, Joe, Hazel, Bill and Dave break down Talos' Year in Review 2024 and discuss how and why cybercriminals have been leaning so heavily on attacks that are routed in stealth in simplicity.
Available now: 2024 Year in Review
Download Talos' 2024 Year in Review now, and access key insights on the top targeted vulnerabilities of the year, network-based attacks, email threats, adversary toolsets, identity attacks, multi-factor authentication (MFA) abuse, ransomware and AI-based attacks.
Video series discussing the major threat actor trends from 2023
In this video series, Talos’ Director of Threat Intelligence and Interdiction Matt Olney and Head of Outreach Nick Biasini share their insights on the most significant cybersecurity threats from the past year.
Recommendations that defenders can use from Talos’ Year in Review Report
The 2023 Talos Year in Review is full of insights on how the threat landscape has evolved. But what does that mean for defenders? This blog contains recommendations on how to gain more visibility across your network.
Video: Talos 2023 Year in Review highlights
In this video, experts from across Cisco Talos came together to discuss the 2023 Talos Year in Review. We chat about what’s new, what’s stayed the same, and how the geopolitical environment has affected the threat landscape.
Beers with Talos episode 141: The TurkeyLurkey Man wants YOU to read Talos' Year in Review report
The team recaps the top malware and attacker trends from 2023, and create a new mascot to save Thanksgiving.
The malware, attacker trends and more that shaped the threat landscape in 2023
The second annual Cisco Talos Year in Review draws on a massive amount of threat data to analyze the major trends that shaped the threat landscape in 2023.
Talos Takes 128: Year in Review - Ransomware and Commodity Loaders Edition
We're back with the final year in review focused episode. This time the focus is on the ever broadening ransomware landscape and the commodity malware loaders that often support it.
2022 Year in Review: Ransomware & Commodity Loaders Livestream Replay
Join host Mitch Neff and special guests Aliza Johnson, Azim Khodjibaev, and Nick Biasini as they discuss Talos' findings and experiences monitoring ransomware and commodity loaders in 2022.
Ransomware and Commodity Loader Topic Summary Report: Cisco Talos Year in Review 2022
The ransomware space is dynamic, continually adapting to changes in the geopolitical environment, actions by defenders, and efforts by law enforcement, which increased in scope and intensity in 2022. Cisco Talos observed several related trends across 2022. Read the full report here.
Talos Takes 126: Year in Review - Threat Landscape Edition
We're back with another year in review focused episode. This time I'm be joined by threat researcher Caitlin Huey. We discuss the general threat landscape in 2022 including dual use tools, lolbins, and the surprising re-emergence of USB attacks in 2022.
2022 Year in Review: Threat Landscape Livestream Replay
Did you miss our livestream covering the threat landscape section in the Cisco Talos Year in Review report? Join host Hazel Burton and special guests Caitlin Huey, Nick Biasini, and Tucker Favreau as they discuss Talos' findings and experiences monitoring the threat landscape in 2022.
Threat Landscape Topic Summary Report: Cisco Talos Year in Review 2022
In this section, we provide an overview of the general threat landscape throughout 2022 and major trends based on telemetry sets gathered across Talos.
2022 Year in Review: APTs Livestream Replay
Did you miss our livestream focused on the APT section in the Cisco Talos Year in Review report? Join host Mitch Neff and special guests Jacob Finn, Asheer Malhotra, and Vitor Ventura as they discuss Talos' findings and experiences tracking APTs in 2022.
APT Topic Summary Report: Cisco Talos Year in Review 2022
State-sponsored or state-aligned advanced persistent threats (APTs) adapted to the changing geopolitical landscape in 2022. Cisco Talos observed several offensive cyber campaigns linked to several groups stemming from Russia, Iran, China, North Korea, and countries in the Indian subcontinent...
Talos Takes Ep. 122: Year in Review & Ukraine Activities
In this episode of Talos Takes we are joined by Kendall McKay to discuss the recently released year in review report and dig deep on our activities in Ukraine. The year in review covers a vast amount of data and intel sources to identify some of the key trends we observed in 2022.
Ukraine Topic Summary Report: Cisco Talos Year in Review 2022
Talos’ support for Ukraine has lead us to launch a task force to monitor critical infrastructure - identifying threats, remediating attacks, and gathering information. Discover the top adversaries, threats, and behavior trends Talos has observed this past year in Ukraine.
Beers with Talos Ep. 129: Talos Year in Review 2022 w/ Dave Liebenberg
We discuss the premiere Talos Year in Review report - a look back at the major threats, trends, and topics from 2022 and what we should take forward into 2023. Dave Liebenberg joins us to discuss *why* his team undertook this effort, and some of the finer points of the report findings.
Talos Year in Review 2022
We expect this data-driven story will shed some insight into Cisco’s and the security community’s most notable successes and remaining challenges. As these Year in Review reports continue in the future, we aim to help explain how the threat landscape changes from one year to the next.
2022 Year in Review Livestream
Did you miss our livestream focused on the Ukraine topics presented in the Cisco Talos Year in Review report? Join host Hazel Burton and special guests Kendall McKay, Nick Randolph, and Vanja Svajcer as they discuss Talos' now-years-long critical infrastructure effort in Ukraine.