Category: Cisco Talos Blog

Cisco Talos investigated the Qilin ransomware group, uncovering its frequent attacks on the manufacturing sector, use of legitimate tools for credential theft and data exfiltration, and sophisticated methods for lateral movement, evasion, and persistence. This article has been indexed from…

Read more →

We’ve relied on passwords for years to protect our online accounts, but they’ve also become one of the easiest ways attackers get in. Cisco Duo helps clear up some of the biggest passwordless myths. This article has been indexed from…

Read more →

In this week’s newsletter, Bill explores how open communication about your skills and experience can help your security team uncover hidden gaps, strengthen your defenses, and better prepare for ever-present threats. This article has been indexed from Cisco Talos Blog…

Read more →

Cisco Talos Incident Response observed a surge in attacks exploiting public-facing applications — mainly via ToolShell targeting SharePoint — for initial access, with post-exploitation phishing and evolving ransomware tactics also persisting this quarter. This article has been indexed from Cisco…

Read more →

Cisco Talos has observed increased activity by malicious actors leveraging Direct Send as part of phishing campaigns. Here’s how to strengthen your defenses. This article has been indexed from Cisco Talos Blog Read the original article: Reducing abuse of Microsoft…

Read more →

This edition highlights the detailed studies that have been recently published on how ransomware attacks affect victims, from PTSD to burnout, and discusses ways to help deal with the fallout of victimization. This article has been indexed from Cisco Talos…

Read more →

Laura opens up about her journey through various cybersecurity roles, her leap into incident response, and what it feels like to support customers during their toughest moments — including high-stakes situations impacting critical infrastructure. This article has been indexed from…

Read more →

Cisco Talos has uncovered a new attack linked to Famous Chollima, a threat group aligned with North Korea (DPRK). This article has been indexed from Cisco Talos Blog Read the original article: BeaverTail and OtterCookie evolve with a new Javascript…

Read more →

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed one vulnerability in the OpenPLC logic controller and four vulnerabilities in the Planet WGR-500 router.   For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets…

Read more →

Microsoft has released its monthly security update for October 2025, addressing 175 Microsoft CVEs and 21 non-Microsoft CVEs. Among these, 17 vulnerabilities are considered critical and 11 are flagged as important and considered more likely to be exploited. This article has been…

Read more →

Martin muses on why computers are less fun than campfires, why their dangers seem less real, and why he’s embarking on a lengthy research project to study this. This article has been indexed from Cisco Talos Blog Read the original…

Read more →

Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool that had not previously been definitively tied to ransomware incidents.   We assess with moderate confidence that this activity can be attributed…

Read more →

As the go-to cybersecurity expert for your friends and family, you’ll want to be ready for those “I clicked a suspicious link — now what?” messages. Share this quick guide to help them know exactly what to do next. This…

Read more →

A simple yet effective tactic, known as hidden text salting, is increasingly used by cybercriminals over the past few months to evade even the most advanced email security solutions, including those powered by machine learning and large language models. This…

Read more →

Amy gives an homage to parents in family group chats everywhere who want their children to stay safe in this wild world. This article has been indexed from Cisco Talos Blog Read the original article: Family group chats: Your (very…

Read more →

Cisco Talos is disclosing details on UAT-8099, a Chinese-speaking cybercrime group mainly involved in SEO fraud and theft of high-value credentials, configuration files, and certificate data. This article has been indexed from Cisco Talos Blog Read the original article: UAT-8099:…

Read more →

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed five vulnerabilities in Nvidia and one in Adobe Acrobat. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure…

Read more →

Hazel celebrates unseen effort in cybersecurity and shares some PII. Completely unrelated, but did you know “Back to the Future” turns 40 this year? This article has been indexed from Cisco Talos Blog Read the original article: Great Scott, I’m…

Read more →

What happens when you bring in a team of cybersecurity responders? How do we turn chaos into control, and what is the long-term value that Talos IR provides to the organizations we work with? This article has been indexed from…

Read more →

Talos discovered that a new PlugX variant’s features overlap with both the RainyDay and Turian backdoors This article has been indexed from Cisco Talos Blog Read the original article: How RainyDay, Turian and a new PlugX variant abuse DLL search…

Read more →