Library

Title Date File Type

Function Identification and Recovery Signature Tool

Angel M. Villegas
2016-10-19 pdf

Subverting Operating System Properties through Evolutionary DKOM Attacks

Mariano Graziano, Lorenzo Flore, Andrea Lanzi, and Davide Balzarotti
2016-07-07 pdf

ROPMEMU: A Framework for the Analysis of Complex Code-Reuse Attacks

Mariano Graziano, Davide Balzarotti, and Alain Zidouemba
2016-05-30 pdf

Threat Spotlight: PoSeidon, A Deep Dive Into Point of Sale Malware

Talos
2014-04-01 pdf

Deconstructing and Defending Against Group 72

Andrea Allievi, Joel Esler, Douglas Goddard, Shaun Hurley, Martin Lee, Craig Williams, and Alain Zidouemba
2014-11-11 pdf

Threat Spotlight: Cisco Talos Thwarts Access to Massive International Exploit Kit Generating $60M Annually From Ransomware Alone

Nick Biasini with contributions from Joel Esler, Warren Mercer, Melissa Taylor, and Craig Williams
2015-10-06 html

Hacking the Belkin E Series Omniview 2-Port KVM Switch

Ian Payton
2017-04-06 pdf

Zeus Trojan Analysis

Alex Kirk
2015-03-09 html

Threat Spotlight: Angler Lurking in the Domain Shadows

Talos
2015-04-30 pdf

CryptoWall 4: The Evolution Continues

Andrea Allievi and Holger Unterbrink with contributions from Warren Mercer
2016-04-20 pdf

Protecting Windows and Mac Users Against the “Kyle and Stan” Malvertising Network

Shaun Hurley, David McDaniel, and Armin Pelkmann
2015-10-02 pdf

Content-Type Mismatch Detection

Alex Kirk
2010-01-01 html

ROKRAT Whitepaper: A sophisticated malware campaign targeting South Korean government officials involved in reunification

Warren Mercer, Paul Rascagneres, Matthew Molyett
2017-06-02 pdf

Take the RIG Pill Down the Rabbit Hole

By Holger Unterbrink, with contributions by Christopher Marczewski
2017-06-20 pdf

Wiper Malware whitepaper

Vitor Ventura (@_vventura)
2018-05-08 pdf

Cisco Talos Email Status Portal overview

2020-09-02 PDF

Process Control through Counterfeit Comms: Using and abusing built-in functionality to own a PLC

Jared Rittle and Patrick DeSantis
2018-10-02 pdf

List of bitcoin wallets in recent sextortion campaigns

Jaeson Schultz
2018-10-31 txt

List of malicious Facebook groups taken down by Cisco Talos

Jonathan Munshaw and Jaeson Schultz
2019-04-02 Excel spreadsheet

The art and science of detecting Cobalt Strike

Nicholas Mavis
2020-09-17 PDF

Emotet IOCs

Jaeson Schultz
2019-09-17 txt

Blocking cryptocurrency mining using Cisco Security products

Alex McDonnell, with contributions from Nicholas Mavis, Spenser Reinhardt, Josh Reynolds and Alan Smith
2019-01-16 PDF

CISO Advisory: Government & Risk management

Martin Lee and Jon Munshaw
2019-10-24 PDF

Cisco Advisory: Security architecture

Joe Marshall and Jon Munshaw
2019-10-30 PDF

Data breach pay-for-homework document

2020-09-24 PDF

What to expect when you're electing: Information hygiene and the human levels of disinformation

Azim Khodjibaev and Ryan Pentney
2020-10-01 PDF

IR Quarterly Trends TAR Q4 2019 One Pager

Cisco Talos
2020-01-30 PDF

IR Quarterly Trends TAR Q2 2020 One Pager

Cisco Talos
2020-04-13 PDF

IR Quarterly Trends TAR Q1 2020 One Pager

Cisco Talos
2020-03-01 PDF

Cisco Talos Incident Response Threat Assessment Report for Q3 2020

David Liebenberg, Kendall McKay, Jonathan Munshaw
2020-06-15 PDF

What to expect when you're electing: What Talos learned after 4 years of research and hands-on experience

Matt Olney
2020-07-16 PDF

What to expect when you're electing: The building blocks of political disinformation campaigns

Nick Biasini, Kendall McKay and Matt Valites
2020-08-26 PDF

IR Quarterly Trends Q4 2020

David Liebenberg and Caitlin Huey
2020-09-01 PDF

RAMBO: Run-time packer Analysis with Multiple Branch Observation

Xabier Ugarte-Pedrero, Davide Balzarotti, Igor Santos, and Pablo G. Bringas
2015-07-07 PDF

Talos' advice to election officials ahead of the 2020 election

Matthew Olney
2020-10-15 PDF

One-pager: Examining Maze after its big year

David Liebenberg, Kendall McKay, Jonathan Munshaw
2020-11-30 PDF

Cisco Talos Incident Response Threat Assessment Report for Q1 2021

Jonathan Munshaw
2020-12-09 PDF

Interview with a LockBit ransomware operator

Azim Khodjibaev, Dmytro Korzhevin and Kendall McKay
2021-02-02 PDF

Ryuk remains a formidable ransomware threat

Caitlin Huey, David Liebenberg, Kendall McKay and Jon Munshaw
2021-02-28 PDF

Cisco Talos Incident Response trends from Winter 2020-21

2021-03-24 PDF

Cisco Talos Incident Response Threat Assessment Report for Q2 2021

2021-08-11 PDF

CTIR Case Study: Evicting Maze

Cisco Talos Incident Response
2021-05-16 PDF

CTIR Case Study: Cobalt Strikes Out

Cisco Talos Incident Response
2021-05-16 PDF

CTIR Emergency Response Service

CTIR
2021-05-27 pdf

InSideCopy: How this APT continues to evolve its arsenal

Asheer Malhotra and Justin Thattil
2021-07-07 PDF

SolarMarker overview

Jonathan Munshaw
2021-07-29 PDF

ServHelper overview

2021-08-12 PDF

Conti ransomware playbook translated to English

Talos Threat Intelligence and Interdiction Team
2021-09-02 PDF

Overview of Operation: Armor Piercer

2021-09-23 PDF

Talos Incident Response threat assessment report (Q3 2021)

2021-10-28 PDF

Cisco Talos Incident Response Threat Assessment Report for Q4 2021

Jonathan Munshaw, David Liebenberg and Caitlin Huey
2022-01-21 PDF

ZTE router vulnerability deep dive: How an attacker could exploit two vulnerabilities to gain full control

Marcin "Icewall" Noga
2022-03-07 PDF

Executive guidance on the ongoing situation in Ukraine (translated to Ukrainian)

2022-03-30 PDF

Overview of CyclopsBlink router malware (translated to Ukrainian)

2022-03-30 PDF

Current Executive Guidance for Ongoing Cyberattacks in Ukraine (translated to Ukrainian)

Nick Biasini
2022-03-03 pdf

Cisco Talos Incident Response Threat Assessment Report for Q1 2022

2022-04-26 PDF

Threat advisory: Cybercriminals compromise users with malware disguised as pro-Ukraine cyber tools (translated to Ukrainian)

Chris Neal
2022-03-09 pdf

Threat Advisory: HermeticWiper (translated to Ukrainian)

Asheer Malhotra
2022-02-24 pdf

Threat Advisory: Opportunistic cyber criminals take advantage of Ukraine invasion (translated to Ukrainian)

Edmund Brumaghin
2022-03-14 pdf

Threat Assessment Report: BlackCat ransomware

2022-04-27 PDF

Threat Advisory: CaddyWiper (translated to Ukrainian)

Asheer Malhotra
2022-03-15 pdf

Conti and Hive ransomware operations: Leveraging victim chats for insights

Kendall McKay, Paul Eubanks and Jaime Filson
2022-05-02 PDF

Talos Incident Response Quarterly Threat Report (Q2 2022)

Caitlin Huey
2022-07-26 PDF

Talos overview of information-stealers

Aliza Johnson and Jonathan Munshaw
2022-08-04 PDF

Talos Incident Response Q3 2022 Quarterly Recap

Caitlin Huey
2022-10-25 PDF

Gamaredon overview

Asheer Malhotra and Guilherme Venere
2022-10-10 PDF

Gamaredon Overview (translated to Ukrainian)

Asheer Malhotra and Guilherme Venere
2022-10-25 pdf

Threat Advisory: DoubleZero (translated to Ukrainian)

Asheer Malhotra
2022-03-24 pdf

Cisco stands on guard with our customers in Ukraine (translated to Ukrainian)

Nick Biasini
2022-03-03 pdf

Protecting Major Events - An Incident Response Blueprint

Jerzy "Yuri" Kramarz and Dr. Giannis Tziakouris
2022-12-02 pdf

Ukraine Summary Report: Cisco Talos 2022 Year in Review

Cisco Talos
2022-12-14 pdf

Cisco Talos 2022 Year in Review

Cisco Talos
2022-12-14 pdf

APT Summary Report: Cisco Talos 2022 Year in Review

Cisco Talos
2023-01-17 pdf

Threat Landscape Summary Report: Cisco Talos 2022 Year in Review

Cisco Talos
2023-01-24 pdf

Ransomware and Commodity Loaders Summary Report: Cisco Talos 2022 Year in Review

Cisco Talos
2023-02-02 pdf

Talos Incident Response Q1 2023 Quarterly Recap

Caitlin Huey and Jonathan Munshaw
2023-04-25 PDF

Cybersecurity for businesses of all sizes: A blueprint for protection

Giannis Tziakouris & Jerzy ‘Yuri’ Kramarz
-- PDF

Threat Overview: Data theft extortion

Jacob Finn and Jonathan Munshaw
-- PDF

Hacktivism, explained

Lexi DiSchola and Jonathan Munshaw
-- PDF

Talos Incident Response Q3 2023 Quarterly Recap

Nicole Hoffman, Caitlin Huey and Jonathan Munshaw
-- PDF