Cisco Talos Archives

PwC review board CISCO Board Onboard with Security

Attackers Have Been Exploiting Cisco SD-WAN Zero-Day Flaw Since 2023

Jeffrey Burt | February 26, 2026 | CISA Advisory, Cisco Systems, Cisco Talos, Five Eyes Intelligence Alliance, Network Security, Privilege Escalation, root access, SD-WAN, zero day exploit attack

Cisco and Five Eyes agencies are alerting organizations to a highly sophisticated attack, where threat actors compromise a Cisco SD-WAN controller via a zero-day flaw, downgrade the device to an earlier software ...

Security Boulevard

cyberwar, cyber, SLA, cyberattack, retailers, Ai, applications, sysdig, attack, cisco, AI, AI-powered, attacks, attackers, security, BreachRx, Cisco, Nexus, security, challenges, attacks, cybersecurity, risks, industry, Cisco Talos hackers legitimate tools used in cyberattacks

Threat Actors Abuse Red Team Tool MacroPack to Deliver Malware

Jeffrey Burt | September 6, 2024 | Cisco Talos, Cybersecurity, malware from legitimate sources, Microsoft Office, VBA macros

Cisco Talos researchers found that multiple bad actors were abusing the MacroPack framework, continuing an ongoing trend of hackers repurposing legitimate security software tools to run cyber campaigns against organizations ...

Security Boulevard

CoralRaider Group Delivers Three Infostealers via CDN Cache

Jeffrey Burt | April 24, 2024 | Cisco Talos, CryptBot, infostealers, Malware

The latest cyberthreat campaign by the threat actors is targeting victims around the world, Cisco's Talos unit says ...

Security Boulevard

Zardoor Backdoor Alert: Threat Actors Target Islamic Charity

In recent cyber threat intelligence developments, an unnamed Islamic non-profit organization based in Saudi Arabia has fallen victim to a covert cyber-espionage campaign employing a previously unknown backdoor named Zardoor. Discovered by ...

TuxCare

Lazarus Group Exploits Log4j Flaw in New Malware Campaign

Jeffrey Burt | December 12, 2023 | Andariel, Cisco Talos, Cybersecurity, Lazarus Group, Malware

The notorious North Korea-backed Lazarus Group continues to change up its tactics to evade detection, with a new campaign featuring the exploitation of the Log4j critical vulnerability and three new malware families ...

Security Boulevard

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

BrianKrebs | August 22, 2023 | Assetnote, Canary Tokens, Cisco Talos, Haroon Meer, Hazel Burton, Ransomware, Security Tools, Shubham Shah, The Coming Storm, Thinkst

In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is ...

Krebs on Security

‘Predator’ — Nasty Android Spyware Revealed

Richi Jennings | May 30, 2023 | android spyware, Cisco Talos, Cytrox, Intellexa, iOS spyware, nation-state, SB Blogwatch, spyware, Talos

Intellexa mercenary spyware chains five unpatched bugs—plus ‘Alien’ technology ...

Security Boulevard

Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

BrianKrebs | September 13, 2022 | Asheer Malhotra, Cisco Talos, Dustin Childs, iOS 16, Jon Munshaw, Kevin Breen, Lily Hay Newman, Lockdown Mode, Microsoft Patch Tuesday September 2022, Pangu Lab, Safety Check, Satnam Narang, Security Tools, Time to Patch, Trend Micro, Xinru Chi

This month's Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could ...

Krebs on Security

Wazawaka Goes Waka Waka

In January, KrebsOnSecurity examined clues left behind by "Wazawaka," the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since "lost his mind" according to his ...

Krebs on Security

Getting the most out of your NIDS

Jon Natkins | March 8, 2021 | Cisco Talos, CMDB, CVE, dns, HTTPS, ids, IOC, NDR, network security monitoring, NIDS, NTA, OPEN ruleset, Proofpoint Emerging Threats, ServiceNow, SOAR, SOC, Suricata, Windows Server, Zeek

By Jon Natkins, Product Manager, Corelight Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the ...

Bright Ideas Blog

Cisco Talos

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On