An overview of ransomware threats in Japan in 2025 and early detection insights from Qilin cases
There were 134 ransomware incidents reported in Japan in 2025, representing a 17.5% year-over-year increase from 2024.
Ransomware in 2025: Blending in is the strategy
A summary of the top ransomware trends from the Talos 2025 Year in Review, with a focus on identity, attacker tactics, and practical defenses.
TP-Link, Canva, HikVision vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed a vulnerability in HikVision, as well as 10 in TP-Link, and 19 in Canva. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-p
A puppet made me cry and all I got was this t-shirt
In this week's newsletter, Amy draws parallels between the collaborative themes of "Project Hail Mary" and the massive team effort behind the newly released Talos Year in Review report.
Talos Takes: 2025 insights from Talos and Splunk
This episode of Talos Takes breaks down the 2025 Year in Review as well as Splunk's Top 50 Cybersecurity Threats report.
Beers with Talos breaks down the 2025 Talos Year in Review
The Beers with Talos team unpack the biggest cybersecurity threats of 2025, from React2Shell to ransomware and identity abuse, and what it all means for defenders going forward.
2025 Talos Year in Review: Speed, scale, and staying power
The 2025 Talos Year in Review is available now. Understand evolving adversary playbooks and how to strengthen your organization’s defenses.
You have to invite them in
While a garlic and wooden stakes keep the vampires at bay in movies, they won’t save your network once an attacker has been "invited in." Discover why identity is the new frontier of cyber horror in this week’s edition.
Everyday tools, extraordinary crimes: the ransomware exfiltration playbook
Attackers use trusted tools for data theft, making traditional detection unreliable. The Exfiltration Framework enables defenders to spot exfiltration by focusing on behavioral signals across endpoints, networks, and cloud environments rather than static tool indicators.