Experiencing an issue? Submit a support ticket.
A new spam campaign is targeting Brazilian users with a clever twist — abusing the free trial period of trusted remote monitoring tools and the country’s electronic invoice system to spread malicious agents. Learn More
Cisco Talos observed the ongoing global spread of the XorDDoS malware, predominantly targeting the United States, with evidence suggesting Chinese-speaking operators are using sophisticated tools to orchestrate widespread attacks. Learn More
Cisco Talos has observed a widespread and ongoing financial theft SMS phishing (smishing) campaign since October 2024 that targets toll road users in the United States of America. Learn More
Evolve your incident response with intelligence-led proactive services and deep expertise that only Talos can offer, before –and during– an active emergency. Anyone can stand behind you – Talos IR stands beside you, every step of the way.
Together, we can reduce downtime and mitigate risk. Get started today.
Edmund Brumaghin joins Hazel to discuss how threat actors (including state sponsored attackers), are increasingly compartmentalizing their attacks i.e they're bringing in specialist skillsets from other groups to handle different aspects of the attack chain. Edmund discusses why this is happening, and the challenges this poses for defenders when it comes to attribution and reporting. He then discusses several solutions which seek to evolve traditional threat modelling, and help provide clarity to defenders.More details can be found in this blog https://blog.talosintelligence.com/compartmentalized-threat-modeling/If you're interested in our other blog on initial access groups, that can be found at https://blog.talosintelligence.com/redefining-initial-access-brokers/
In this episode, Hazel welcomes Talos researcher Ashley Shen to discuss the evolution of initial access brokers (IABs) and the importance of distinguishing between different types of IABs. We talk about the need for a new taxonomy to categorize IABs into three types: financially motivated (FIA), state-sponsored (SIA), and opportunistic (OIA) initial access groups. This taxonomy aims to improve threat modeling and defense strategies by providing a clearer understanding of the motivations and behaviors of different IABs. For more details, check out the blog that Ashley co-authored with other Talos researchers https://blog.talosintelligence.com/redefining-initial-access-brokers/
Talos is Cisco's threat intelligence research organization, an elite group of security experts devoted to providing superior protection for our customers, products and services.
Our job is your defense.
Talos powers the Cisco portfolio with comprehensive intelligence.
Every customer environment, every event, every single day, all around the world.