Experiencing an issue? Submit a support ticket.
A popular social engineering technique returns: callback phishing, or TOAD attacks, which leverage PDFs, VoIP anonymity and even QR code tricks. Learn More
A new spam campaign is targeting Brazilian users with a clever twist — abusing the free trial period of trusted remote monitoring tools and the country’s electronic invoice system to spread malicious agents. Learn More
Cisco Talos observed the ongoing global spread of the XorDDoS malware, predominantly targeting the United States, with evidence suggesting Chinese-speaking operators are using sophisticated tools to orchestrate widespread attacks. Learn More
Evolve your incident response with intelligence-led proactive services and deep expertise that only Talos can offer, before –and during– an active emergency. Anyone can stand behind you – Talos IR stands beside you, every step of the way.
Together, we can reduce downtime and mitigate risk. Get started today.
Hazel is joined by threat intelligence researcher James Nutland to discuss Cisco Talos’ latest findings on the newly emerged Chaos ransomware group. Based on real-world incident response engagements, James breaks down Chaos’ fast, multi-threaded encryption, their use of social engineering and remote access tools like Quick Assist, and the group’s likely connections to former BlackSuit operators. James also shares what defenders should be watching for and how to stay ahead of evolving ransomware tactics.Read the full research blog: https://blog.talosintelligence.com/new-chaos-ransomware
Attackers are increasingly abusing the same remote access tools that IT teams rely on every day. In this episode, Hazel sits down with Talos security researcher Pierre Cadieux to unpack why these legitimate tools have become such an effective tactic for adversaries.Pierre explains how the flexibility, legitimacy, and built-in capabilities of remote access management tools make them ideal for attackers who want to stay under the radar. They discuss trends Talos Incident Response is seeing in the field, examples of commonly abused tools, and the challenges defenders face when trying to detect misuse.You'll also hear practical advice on what defenders and IT teams can do today to better secure their environments — and what the rise of remote access management tool abuse tells us about attacker behavior and the current state of cybercrime.Resources mentioned:Talos Incident Response Quarterly Trends ReportWhen Legitimate Tools Go Rogue (Talos Blog)
Talos is Cisco's threat intelligence research organization, an elite group of security experts devoted to providing superior protection for our customers, products and services.
Our job is your defense.
Talos powers the Cisco portfolio with comprehensive intelligence.
Every customer environment, every event, every single day, all around the world.