Experiencing an issue? Submit a support ticket.
Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as “UAT-10027,” delivering a previously undisclosed backdoor dubbed “Dohdoor.” Learn More
Cisco Talos uncovered “DKnife,” a fully featured gateway-monitoring and adversary-in-the-middle (AitM) framework comprising seven Linux-based implants. Learn More
Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat (APT) actor. Learn More
Evolve your incident response with intelligence-led proactive services and deep expertise that only Talos can offer, before –and during– an active emergency. Anyone can stand behind you – Talos IR stands beside you, every step of the way.
Together, we can reduce downtime and mitigate risk. Get started today.
Service providers are the backbone of modern connectivity — but why are they such attractive targets for cyber actors, and what happens when critical networks go down? In this episode, Martin Lee joins Amy to explore the shifting threat landscape for service providers, asking how defenders can spot silent intrusions, what trade-offs must be considered when patching, and how industry collaboration helps prevent widespread disruptions. Join us as we unpack real-world examples and offer practical insights into protecting the infrastructure that keeps our world connected.Video: Footholds in Infrastructure: Protecting Service Providers
What separates organizations that successfully fend off ransomware from those that don’t? What were the top threats facing organizations? Can we (pretty please) get a sneak peek into the 2025 Year in Review?Amy is joined by Dave Liebenberg, Strategic Analysis Team Lead, to break down key findings from Q4 2025's Cisco Talos Incident Response Quarterly Trends Report. From the top threats facing organizations — like the persistent exploitation of public-facing applications and the rise of new vulnerabilities such as Oracle EBS and React2Shell — to the unexpected drop in ransomware cases, this episode is packed with useful info. Episode resources:Q4 2025 Quarterly Trends Report: https://blog.talosintelligence.com/ir-trends-q4-2025/Qilin blog: https://blog.talosintelligence.com/uncovering-qilin-attack-methods-exposed-through-multiple-cases/Cybersecurity on a Budget blog: https://blog.talosintelligence.com/cybersecurity-on-a-budget-strategies-for-an-economic-downturn/
Talos is Cisco's threat intelligence research organization, an elite group of security experts devoted to providing superior protection for our customers, products and services.
Our job is your defense.
Talos powers the Cisco portfolio with comprehensive intelligence.
Every customer environment, every event, every single day, all around the world.