Back to bundle

Talos Intel

Talos is the industry-leading threat intelligence organization. We detect and correlate threats in real time using the largest threat detection network in the world to protect against known and emerging cyber security threats to better protect your o
471 followers 6 articles/week
Follow
What can we learn from the passwords used in brute-force attacks?

Brute force attacks are one of the most elementary cyber threats out there. Technically, anyone with a keyboard and some free time could launch one of them — just try a bunch of different username and password combinations on the website of your choice until you get blocked.  Nick Biasini and I discussed some of the ways that organizations can defend...

Thu May 2, 2024 21:11
Vulnerabilities in employee management system could lead to remote code execution, login credential theft

Cisco Talos’ Vulnerability Research team has disclosed more than a dozen vulnerabilities over the past three weeks, five in a device that allows employees to check in and out of their shifts, and another that exists in an open-source library used in medical device imaging files. The Peplink Smart Reader contains several vulnerabilities, including one...

Wed May 1, 2024 19:36
Cisco Talos at RSAC 2024

With RSAC just a week away, Cisco Talos is gearing up for another year of heading to San Francisco to share in some of the latest major cybersecurity announcements, research and news.  We’ve pulled together the highlights, so you don’t miss out on all things Talos.  Tuesday, May 5  Joe Marshall will be presenting on Project Power Up alongside Tara Vasyliv...

Tue Apr 30, 2024 16:26
James Nutland studies what makes threat actors tick, growing our understanding of the current APT landscape

If state-sponsored actors are after one thing, it’s to spread fear and uncertainty across the internet. There’s always money to be made targeting individual businesses and organizations, but for James Nutland’s work, it’s always about the bigger picture. And his background in studying counterterrorism and interpersonal social dynamics provides him a...

Mon Apr 29, 2024 17:39
The private sector probably isn’t coming to save the NVD

I wrote last week about the problems arising from the massive backlog of vulnerabilities at the U.S. National Vulnerability Database.  Thousands of CVEs are still without analysis data, and the once-reliable database of every single vulnerability that’s disclosed and/or patched is now so far behind, it could take up to 100 days for the National Institute...

Thu Apr 25, 2024 21:29
Talos IR trends: BEC attacks surge, while weaknesses in MFA persist

Business email compromise (BEC) was the top threat observed by Cisco Talos Incident Response (Talos IR) in the first quarter of 2024, accounting for nearly half of engagements, which is more than double what was observed in the previous quarter.  The most observed means of gaining initial access was the use of compromised credentials on valid accounts,...

Thu Apr 25, 2024 17:23

Build your own newsfeed

Ready to give it a go?
Start a 14-day trial, no credit card required.

Create account