Using LLMs as a reverse engineering sidekick
LLMs may serve as powerful assistants to malware analysts to streamline workflows, enhance efficiency, and provide actionable insights during malware analysis.
IR Trends Q2 2025: Phishing attacks persist as actors leverage compromised valid accounts to enhance legitimacy
Phishing remained the top initial access method in Q2 2025, while ransomware incidents see the emergence of new Qilin tactics.
Cisco Talos at Black Hat 2025: Briefings, booth talks and what to expect
Cisco Talos is back at Black Hat with new research, threat detection overviews and opportunities to connect with our team. Whether you're interested in what we’re seeing in the threat landscape, detection engineering or real-world incident response, here's where and how to find us.
Insights from Talos IR: Navigating NIS2 technical implementation
ENISA’s 2025 NIS2 guidance makes compliance more complex, but Talos IR's services directly align with new requirements for reporting, logging and incident response.
BRB, pausing for a "Sanctuary Moon" marathon
Get to know the real people behind cybersecurity’s front lines. In this week’s newsletter, sci-fi meets reality, humanity powers technology and a few surprises are waiting to be discovered.
Bloomberg Comdb2 null pointer dereference and denial-of-service vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed five vulnerabilities in Bloomberg Comdb2. Comdb2 is an open source, high-availability database developed by Bloomberg. It supports features such as clustering, transactions, snapshots, and isolation. T
Unmasking the new Chaos RaaS group attacks
Cisco Talos Incident Response (Talos IR) recently observed attacks by Chaos, a relatively new ransomware-as-a-service (RaaS) group conducting big-game hunting and double extortion attacks.
Meet Hazel Burton
In the first Humans of Talos, Amy sits with Hazel Burton — storyteller, security advocate, and all-around Talos legend. Hazel shares her journey from small business entrepreneurship to leading content programs at Talos.
ToolShell: Details of CVEs affecting SharePoint servers
Cisco Talos is aware of the ongoing exploitation of CVE-2025-53770 and CVE-2025-53771 in the wild. These are path traversal vulnerabilities affecting SharePoint Server Subscription Edition, SharePoint Server 2016, and SharePoint Server 2019.