Library

Title Date File Type

RAMBO: Run-time packer Analysis with Multiple Branch Observation

Xabier Ugarte-Pedrero, Davide Balzarotti, Igor Santos, and Pablo G. Bringas
2016-07-07 PDF

Function Identification and Recovery Signature Tool

Angel M. Villegas
2016-10-19 pdf

Subverting Operating System Properties through Evolutionary DKOM Attacks

Mariano Graziano, Lorenzo Flore, Andrea Lanzi, and Davide Balzarotti
2016-07-07 pdf

ROPMEMU: A Framework for the Analysis of Complex Code-Reuse Attacks

Mariano Graziano, Davide Balzarotti, and Alain Zidouemba
2016-05-30 pdf

Threat Spotlight: PoSeidon, A Deep Dive Into Point of Sale Malware

Talos
2014-04-01 pdf

Deconstructing and Defending Against Group 72

Andrea Allievi, Joel Esler, Douglas Goddard, Shaun Hurley, Martin Lee, Craig Williams, and Alain Zidouemba
2014-11-11 pdf

Threat Spotlight: Cisco Talos Thwarts Access to Massive International Exploit Kit Generating $60M Annually From Ransomware Alone

Nick Biasini with contributions from Joel Esler, Warren Mercer, Melissa Taylor, and Craig Williams
2015-10-06 html

Hacking the Belkin E Series Omniview 2-Port KVM Switch

Ian Payton
2017-04-06 pdf

Zeus Trojan Analysis

Alex Kirk
2015-03-09 html

Threat Spotlight: Angler Lurking in the Domain Shadows

Talos
2015-04-30 pdf

CryptoWall 4: The Evolution Continues

Andrea Allievi and Holger Unterbrink with contributions from Warren Mercer
2016-04-20 pdf

Protecting Windows and Mac Users Against the “Kyle and Stan” Malvertising Network

Shaun Hurley, David McDaniel, and Armin Pelkmann
2015-10-02 pdf

Content-Type Mismatch Detection

Alex Kirk
2010-01-01 html

ROKRAT Whitepaper: A sophisticated malware campaign targeting South Korean government officials involved in reunification

Warren Mercer, Paul Rascagneres, Matthew Molyett
2017-06-02 pdf

Take the RIG Pill Down the Rabbit Hole

By Holger Unterbrink, with contributions by Christopher Marczewski
2017-06-20 pdf

Wiper Malware whitepaper

Vitor Ventura (@_vventura)
2018-05-08 pdf

Cisco Talos Email Status Portal overview

2020-09-02 PDF

Process Control through Counterfeit Comms: Using and abusing built-in functionality to own a PLC

Jared Rittle and Patrick DeSantis
2018-10-02 pdf

List of bitcoin wallets in recent sextortion campaigns

Jaeson Schultz
2018-10-31 txt

List of malicious Facebook groups taken down by Cisco Talos

Jonathan Munshaw and Jaeson Schultz
2019-04-02 Excel spreadsheet

The art and science of detecting Cobalt Strike

Nicholas Mavis
2020-09-17 PDF

Emotet IOCs

Jaeson Schultz
2019-09-17 txt

Blocking cryptocurrency mining using Cisco Security products

Alex McDonnell, with contributions from Nicholas Mavis, Spenser Reinhardt, Josh Reynolds and Alan Smith
2019-01-16 PDF

CISO Advisory: Government & Risk management

Martin Lee and Jon Munshaw
2019-10-24 PDF

Cisco Advisory: Security architecture

Joe Marshall and Jon Munshaw
2019-10-30 PDF

Data breach pay-for-homework document

2020-09-24 PDF

Talos WhitePaper

Cisco Talos
2019-11-21 PDF

IR Quarterly Trends TAR Q4 2019 One Pager

Cisco Talos
2020-01-30 PDF

IR Quarterly Trends TAR Q2 2020 One Pager

Cisco Talos
2020-04-13 PDF

IR Quarterly Trends TAR Q1 2020 One Pager

Cisco Talos
2020-03-01 PDF

Cisco Talos Incident Response Threat Assessment Report for Q3 2020

David Liebenberg, Kendall McKay, Jonathan Munshaw
2020-06-15 PDF

What to expect when you're electing: What Talos learned after 4 years of research and hands-on experience

Matt Olney
2020-07-16 PDF

What to expect when you're electing: The building blocks of political disinformation campaigns

Nick Biasini, Kendall McKay and Matt Valites
2020-08-26 PDF

IR Quarterly Trends Q4 2020

David Liebenberg and Caitlin Huey
2020-09-01 PDF
Title Date File Type

Subverting Operating System Properties through Evolutionary DKOM Attacks Presentation

Mariano Graziano, Lorenzo Flore, Andrea Lanzi, Davide Balzarotti
2016-07-07 pdf

Go Speed Tracer

Richard Johnson
2016-05-30 pdf

ROPMEMU: A Framework for the Analysis of Complex Code-Reuse Attacks Presentation

Mariano Graziano, Davide Balzarotti, Alain Zidouemba
2016-03-30 pdf

Exploit Kits: Hunting the Hunters Presentation

Nick Biasini
2016-05-01 pdf

Improving Software Security with Dynamic Binary Instrumentation

Richard Johnson
2011-11-01 pdf

Characteristics and Detection of HTTP C&C Channels

Alex Kirk
2011-11-09 pdf

Razorback Framework

Richard Johnson
2011-11-01 pdf

Taint Nobody Got Time for Crash Analysis

Richard Johnson
2011-11-01 pdf

Detecting Obfuscated Malicious JavaScript with Snort and Razorback

Alex Kirk
2010-11-01 pdf

A Close Look at Rogue Antivirus Programs

Alain Zidouemba
2011-06-01 pdf

A Castle Made of Sand: Adobe Reader X Sandbox

Richard Johnson
2011-11-01 pdf

Harder, Better, Faster, Stronger: Semi-automatic Vulnerability Research

Talos
2011-11-01 pdf

Function Identification and Recovery Signature Tool Presentation

Angel M. Villegas
2016-11-01 pdf

Fuzzing and Patch Analysis: Sagely Advice

Richard Johnson, Pawel Janic (Emeritus)
2015-10-02 PDF

RAMBO: Run-time packer Analysis with Multiple Branch Observation

Xabier Ugarte-Pedrero, Davide Balzarotti, Igor Santos, Pablo G. Bringas
2016-07-07 pdf

BASS - Automated Signature Synthesizer

Jonas Zaddach and Mariano Graziano
2017-06-19 pdf

Fuzzing guided code auditing and vice versa

Aleksandar Nikolic
2018-07-31 pdf