In this week’s newsletter, Martin considers how AI will help threat intelligence by creating an easily queryable data source of intelligence reports. This article has been indexed from Cisco Talos Blog Read the original article: Beyond IOCs: AI-enabled threat intelligence
Introduction to COM usage by Windows threats
Component Object Model (COM) is a fundamental Windows technology used by legitimate applications for object activation, inter-process communication, automation and language-independent component reuse. Those same qualities make it useful to threat actors.
Close Encounters of the Human Kind
In the latest Threat Source, Hazel channels her inner Spielberg to explore why humans are delightfully irrational, reminding us that while security best practices are simple in theory, they’re a lot harder to pull off when you’re busy dealing with…
Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model
Cisco Talos detailed a new approach to reverse engineering that pairs local AI agents with traditional analysis tools like the VB6 disassembler vbdec. Instead of awkwardly bolting AI onto the software, vbdec exposes its parsed data through a live COM…
A tale of two eras
In this week’s newsletter, Amy reminisces on the tech toys of their childhood, inspired by a hilarious lesson about why your digital privacy shouldn’t be left on an open channel.
Microsoft Patch Tuesday for June 2026 — Snort rules and prominent vulnerabilities
Microsoft Patch Tuesday details for June 2026.
Reporting from Vegas: Networking, AI, and good boys
Joe’s on-the-ground report from Cisco Live U.S. is here, complete with therapy dog pictures and tips on handling conference overstimulation.
Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting
Learn how Cisco Talos Threat Hunting uses hypothesis-driven methods and multi-domain telemetry correlation to find stealthy threats operating below automated detection thresholds.
Winning the cyber marathon with Tony Giandomenico
Tony Giandomenico, Senior Director of Product Management, joins Amy to discuss the Talos Threat Hunting launch, what he’s excited about for the future of cybersecurity, and, of course, his Ironman triathlons.
Less panic patching, more precision
In this newsletter, Thor breaks down why you should stop relying solely on CVSS and start using EPSS and GCVE to focus your patching efforts on the threats that actually matter.
DICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heap
This white paper presents a concrete case study demonstrating the creation of a heap overflow vulnerability through the exploitation of the DICOM file format.
MediaArea heap-based buffer overflow vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed four vulnerabilities in MediaArea’s MediaInfoLib library. The vulnerabilities mentioned in this blog post have been patched by their respective vendor, in adherence to Cisco’s third-party vulnerability disclosure policy. For Snort coverage…
Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake
EvidenceForge generates high-quality, realistic, and consistent datasets across multiple log formats, enabling teams to effectively train personnel and validate detection models without the need for complex manual simulations.
The art of being ungovernable
In this edition of the Threat Source newsletter, William explores the value of being “ungovernable” in a professional setting, sharing how challenging the status quo and seeking out the smartest people in the room can lead to a more fulfilling…
TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed eight vulnerabilities in TP-Link, and one each in Adobe Photoshop, OpenVPN, and Gen Digital's Norton VPN. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, in…
From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat
Cisco Talos has uncovered a BadIIS variant — identifiable by its embedded “demo.pdb” strings — that functions as commodity malware, likely sold or shared among multiple Chinese-speaking cyber crime groups operating under a malware-as-a-service (MaaS) model for continuous monetization.
The time of much patching is coming
In this week’s newsletter, Martin reflects on what the next iteration of AI tools means for vulnerability discovery and our ability to manage large-scale patch releases.
Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
Cisco Talos is tracking the active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage.
Breaking things to keep them safe with Philippe Laulheret
Philippe shares his unique journey from French engineering school to the front lines of cybersecurity, explaining how his lifelong love for solving puzzles helps him uncover critical security flaws before they can be exploited.
Microsoft Patch Tuesday for May 2026 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for May 2026, which includes 112 vulnerabilities affecting a range of products, including 16 that Microsoft marked as “critical”.