Intelligence Center

Threat Research

Threat actors use copyright infringement phishing lure to deploy infostealers

Learn More

Threat Spotlight: WarmCookie/BadSpace

WarmCookie is a malware family that emerged in April 2024 and has been distributed via regularly conducted malspam and malvertising campaigns.  Learn More

Highlighting TA866/Asylum Ambuscade Activity Since 2021

TA866 (also known as Asylum Ambuscade) is a threat actor that has been conducting intrusion operations since at least 2020.  Learn More

Fortify Your Defense

Evolve your incident response with intelligence-led proactive services and deep expertise that only Talos can offer, before –and during– an active emergency. Anyone can stand behind you – Talos IR stands beside you, every step of the way.

Together, we can reduce downtime and mitigate risk. Get started today.

Learn More

Latest Talos Takes Podcast Episodes

October 31, 2024 | Ep.
It's Taplunk! Talos and Splunk threat researchers meet to put the security world to rights

What happens when two sets of threat researchers from Talos and Splunk's SURGe team meet? Aside from some highly controversial opinions and omissions about the best horror movie, the team discuss what security trends are FUD, and what's actually fearful/ most challenging at the moment. Also, what is the security industry not aware of enough, and also too aware of? Plus some thoughts on cybersecurity awareness training and how we can do better. This is a great conversation facilitated by SURGe's Mick Baccio, with Joe Marshall and Nick Biasini from Talos, and Tamara Chacon and Audra Streetman from SURGe.Catch up on all the latest and greatest threat research from our friends at SURGe at https://www.splunk.com/en_us/surge.html

October 25, 2024 | Ep.
The biggest takeaways from Talos IR's new report: New ransomware variants, EDR tool uninstallation, and password spray attacks increasing

The Talos IR Quarterly Trends Q3 2024 is out now! In this episode Hazel Burton, Craig Jackson and Bill Largent discuss three big themes: some new ransomware players, the 'Bring Your Own Vulnerable Driver' trend, and why password spray attacks are making a comeback. Check out the full report at https://blog.talosintelligence.com/incident-response-trends-q3-2024/

Why Cisco Talos?

Talos is Cisco's threat intelligence research organization, an elite group of security experts devoted to providing superior protection for our customers, products and services.

Our job is your defense.

Talos powers the Cisco portfolio with comprehensive intelligence.

Every customer environment, every event, every single day, all around the world.