
Talos Intelligence T2 clear 1405 words ORIGINAL
Classification
SEV 4/10
CONFIDENCE 53%
Categories
vulnerability, malware, phishing
Threat Actors
Turla
Target Sectors
finance, government

Blog Series Categories

Headlines: Breaking security news all users should be up-to-date on, along with any other cybersecurity topics in the news.
Patch Tuesday: Talos’ recap of Microsoft’s monthly security update, including the vulnerabilities users need to patch as soon as possible.
The Need to Know: Unsure of what certain cybersecurity topics or terms actually mean? That's what The Need to Know is for. We break down complex themes, and talk about how they sit within the threat landscape.
Talos IR trends: Each quarter, Cisco Talos Incident Response recaps the malware families and attacker tactics they observed most in the wild. Find out what your organization can learn so you don’t end up in the same position.
Threat Advisory: Any urgent malware campaigns or security vulnerabilities that Talos is actively researching. These posts include the latest threat detection our researchers develop to address these issues.
Threat Roundup: The malware families Talos saw most in the wild over the past week, including up-to-date IOCs and Cisco Secure product coverage.
Threat Source newsletter: Talos’ weekly recap of the top cybersecurity news and our latest research. Weekly editions appear on the blog, or readers can subscribe to have the email delivered to their inbox every Thursday.
Threat Spotlight: The most notable recent cyber attacks and malware campaigns Talos is following, along with the Cisco Secure protection to keep users safe.
Vulnerability Deep Dive: A very technical breakdown about a vulnerability or set of vulnerabilities and how an attacker could string them together for a cyber attack.
Vulnerability Roundup: A recap of the security vulnerabilities Talos' research team has helped to uncover and fix, released every other week.
On The Radar: Forward-looking features on the issues and trends that Talos feels are affecting the current cybersecurity landscape.
The Deep Dive with NTDR: A closer look at how Talos' Network Threat Detection and Response team creates coverage and keeps Cisco Security customers safe.
Humans of Talos: A video interview series that shines a spotlight on team members across Talos, featuring their personal stories, career journeys and unique perspectives.
Tool Talk: In this series, Talos releases open-source tools, along with insights, tips, and enhancements to help cybersecurity researchers work smarter and more effectively.

All Categories

2022YiR
2023YiR
2024YiR
2025YiR
Announcements
Asylum Ambuscade
Beers with Talos: Beers, threats and no silver bullets on this podcast.
Cisco Talos Antivirus: Cisco Talos Antivirus, also known as ClamAV, delivers foundational malware protection through deep file analysis and industry-leading signature detection. As an open-source solution embedded across Cisco’s security, networking, and collaboration products, Talos Antivirus provides robust protection against known malware threats, making it a trusted choice for enterprises, service providers, and individuals worldwide.
Cisco Talos DNS Security: Cisco Talos DNS Security protects organizations from DNS-based threats, including malware delivery, data exfiltration, DNS tunneling, command-and-control (C2) communications, and access to phishing domains, by detecting obfuscated data hidden in DNS packets. Advanced AI-driven detection, including Domain Generation Algorithm (DGA) analysis, proactively identifies and predicts malicious domains, stopping threats before they impact your organization.
Cisco Talos Email Filtering: Cisco Talos Email Filtering provides reputation-verdict and categorization services in support of Cisco email security products. Multi-layered defenses protect customers from email threats, spam, and graymail. Talos Email Filtering examines URLs and file attachments contained in emails, as well as IP and Domain reputations of senders, to block malicious, unwanted, and inappropriate emails. The Talos research team has the experience of experts in over 40 languages to review and classify messages.
Cisco Talos Email Threat Prevention: Cisco Talos Email Threat Prevention provides industry-leading brand impersonation, business email compromise, and phishing attack detection. Talos-built AI tools analyze anomalies and traffic trends in Cisco’s vast telemetry database to detect and prevent attackers pretending to be trusted brands (Brand Impersonation) or targeting high value employees with carefully crafted phishing attempts (Business Email Compromise). Talos blocks these customized attacks and provides detailed logs.
Cisco Talos Incident Response: Cisco Talos Incident Response (Talos IR) provides proactive and emergency support, powered by Cisco Talos’ global threat intelligence. Organizations can use our flexible retainer for incident response, compromise assessments, tabletop exercises, training, and more. Whether preparing for threats or managing a crisis, Talos IR helps organizations to minimize risk, reduce downtime, and strengthen cybersecurity resilience.
Cisco Talos Malware Protection: Cisco Talos Malware Protection delivers advanced protection for endpoints and systems against a wide range of malicious software. The service goes beyond traditional reputation-based blocking by leveraging behavioral analysis of the advanced telemetry and threat intelligence of Talos. This approach enables detection and prevention of both known and emerging threats, including fileless malware, memory exploits, and sophisticated attacks that evade standard defenses.
Cisco Talos Network Intrusion Prevention: Cisco Talos Network Intrusion Prevention Service (Talos IPS, also known as Snort) delivers advanced, real-time network protection by monitoring and analyzing traffic at the packet level. By combining comprehensive rule-based detection with behavior-based analysis, Talos IPS identifies and blocks malicious traffic—vulnerability exploitation attempts, malware traffic, SQL injections, and reconnaissance and exfiltration traffic—all before new or emerging threats can compromise systems.
Cisco Talos Web Filtering: Cisco Talos Web Filtering safeguards organizations by blocking access to malicious, risky, or inappropriate web content. Leveraging a vast database of domain, IP, and URL reputations and categories, this service enables Cisco products to proactively prevent users from visiting harmful sites and enforces acceptable use and geolocation policies. Talos leverages the power of Cisco telemetry to help organizations to protect users anywhere they access the internet.
Cobalt Strike
COVID-19
Cryptocurrency
CTIR trends
DPRK
drivers
Features
initial access broker
malware
North Korea
phishing
ransomware
Researcher Spotlight: A monthly recurring feature highlighting the people who truly make the Talos difference.
Reverse Engineering
Russia
SecureX
Snort: To learn more about Snort, visit snort.org and download Snort 3 today!
Stealer
TA866
Talos 10: Celebrating Talos' 10th anniversary with some of our favorite stories and memories.
Talos Takes: Every week, join Talos researchers as they break down a complicated security topic for everyone from the C-suite to the frontlines in 10(ish) minutes or less.
Threats
Turla
Ukraine
Videos
VPNFilter
vulnerability
Vulnerability Spotlight: Coverage of the most important security issues Talos’ world-class vulnerability research team discovers and helps fix before the bad guys find it first.
wiper
Year In Review

Extracted Entities (0)
No threat entities extracted.
ID: 152 | Lang: en | Type: article