New partnership brings together Talos’ visibility with IR’s unmatched response capabilities
By Jon Munshaw. The threat landscape has evolved into a complex, challenging environment for organizations everywhere. A talent shortage, combined with an increase in incidents, has led to a generally weak security posture among most organizations. Defenders’ backs are up agains
Threat Roundup for November 1 to November 8
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 1 and Nov. 8. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key
Threat Source newsletter (Nov. 7, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. The only news we’re going to cover this week is the biggest news we’ve had in a while. Tuesday, we announced that Ci
Vulnerability Spotlight: Code execution vulnerabilities in LEADTOOLS
Marcin Towalski and Cory Duplantis of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the LEADTOOLS line of imaging toolkits. LEADTOOLS is a collection of toolkits designed to perform a variety of functions aimed at integ
Talos, Cisco Incident Response team up to offer more protection than ever
By Sean Mason. Over the years, I've had the honor and privilege to work within some of the greatest security teams on the planet. Working alongside such passionate and talented people at Cisco makes delivering this announcement perhaps the greatest honor yet. The best securi
Beers with Talos Ep. #65: Please welcome to the show… Talos Incident Response
By Mitch Neff. Beers with Talos (BWT) Podcast episode No. 65 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Recorded Oct. 25, 2019. Today is a bit different. We normally keep things pretty
How adversaries use politics for compromise
By Nick Biasini and Edmund Brumaghin. Executive Summary: With the U.S. presidential primaries just around the corner, even malware authors can't help but get behind the frenzy. Cisco Talos recently discovered several malware distribution campaigns where the adversaries were
C2 With It All: From Ransomware To Carding
By Warren Mercer, Paul Rascagneres and Vitor Ventura. Summary: Cisco Talos recently discovered a new server hosting a large stockpile of malicious files. Our analysis of these files shows that these attackers were able to obtain a deep level of access to victims' infrastruc
The latest on BlueKeep and DejaBlue vulnerabilities — Using Firepower to defend against encrypted DejaBlue
Update (11/04/2019): There have been several public reports of active exploitation of CVE-2019-0708, commonly referred to as “BlueKeep.” Preliminary reports indicate that the vulnerability is being exploited by adversaries who are leveraging access to compromised systems to insta