What happens when you bring in a team of cybersecurity responders? How do we turn chaos into control, and what is the long-term value that Talos IR provides to the organizations we work with? This article has been indexed from…
Category: Cisco Talos Blog
How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking
Talos discovered that a new PlugX variant’s features overlap with both the RainyDay and Turian backdoors This article has been indexed from Cisco Talos Blog Read the original article: How RainyDay, Turian and a new PlugX variant abuse DLL search…
Put together an IR playbook — for your personal mental health and wellbeing
This edition pulls the curtain aside to show the realities of the VPN Filter campaign. Joe reflects on the struggle to prevent burnout in a world constantly on fire.
Alex Ryan: From zero chill to quiet confidence
Discover how a Cisco Talos Incident Response expert transitioned from philosophy to the high-stakes world of incident command, offering candid insights into managing burnout and finding a supportive team.
Why a Cisco Talos Incident Response Retainer is a game-changer
With a Cisco Talos IR retainer, your organization can stay resilient and ahead of tomorrow’s threats. Here’s how.
Beaches and breaches
Thor examines why supply chain and identity attacks took center stage in this week’s headlines, rather than AI and ransomware.
Maturing the cyber threat intelligence program
The Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) helps organizations assess and improve their threat intelligence programs by outlining 11 key areas and specific missions where CTI can support decision-making.
Microsoft Patch Tuesday for September 2025 – Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for September 2025, which includes 86 vulnerabilities affecting a range of products.
Stopping ransomware before it starts: Lessons from Cisco Talos Incident Response
Explore lessons learned from over two years of Talos IR pre-ransomware engagements, highlighting the key security measures, indicators and recommendations that have proven effective in stopping ransomware attacks before they begin.
From summer camp to grind season
Bill takes a thoughtful look at the transition from summer camp to grind season, explores the importance of mental health and reflects on AI psychiatry.
Link up, lift up, level up
This week, Joe encourages you to find your community in cybersecurity and make the effort to grow, network and hack stuff together.
Libbiosig, Tenda, SAIL, PDF XChange, Foxit vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed ten vulnerabilities in BioSig Libbiosig, nine in Tenda AC6 Router, eight in SAIL, two in PDF-XChange Editor, and one in Foxit PDF Reader. The vulnerabilities mentioned in this blog post…
Cherry pie, Douglas firs and the last trip of the summer
Amy (ahem, Special Agent Dale Cooper) shares lessons from their trip to the Olympic Peninsula and cybersecurity travel tips for your last-minute adventures.
Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices
A Russian state-sponsored group, Static Tundra, is exploiting an old Cisco IOS vulnerability to compromise unpatched network devices worldwide, targeting key sectors for intelligence gathering.
JJ Cummings: The art of controlling information
Get an inside look at how JJ Cummings helped build and lead one of Cisco Talos’ most impactful security teams, and discover what drives him to stay at the forefront of threat intelligence.
Ransomware incidents in Japan during the first half of 2025
Ransomware attackers continue to primarily target small and medium-sized manufacturing businesses in Japan.
UAT-7237 targets Taiwanese web hosting infrastructure
Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat (APT) group active since at least 2022, which has significant overlaps with UAT-5918.
What happened in Vegas (that you actually want to know about)
Hazel braves Vegas, overpriced water and the Black Hat maze to bring you Talos’ latest research — including a deep dive into the PS1Bot malware campaign.
Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for August 2025, which includes 111 vulnerabilities affecting a range of products, including 13 that Microsoft marked as “critical”. In this month's release, Microsoft observed none of the included vulnerabilities being actively exploited…
Malvertising campaign leads to PS1Bot, a multi-stage malware framework
Cisco Talos has observed an ongoing malware campaign that seeks to infect victims with a multi-stage malware framework, implemented in PowerShell and C#, which we are referring to as “PS1Bot.”