Ransomware crims that exploited SharePoint 0-days add Velociraptor to their arsenal
And they’re likely still abusing the same SharePoint flaws for initial access
Cybersecurity Month10 Oct 2025 |
Talos
In the rush to adopt hot new tech, security is often forgotten. AI is no exception
Cisco finds hundreds of Ollama servers open to unauthorized access, creating various nasty risks
Security02 Sep 2025 | 6
Patch now: Millions of Dell PCs with Broadcom chips vulnerable to attack
black hat Psst, wanna steal someone's biometrics?
Patches05 Aug 2025 | 20
Crims defeat human intelligence with fake AI installers they poison with ransomware
Take care when downloading AI freebies, researcher tells The Register
Cyber-crime30 May 2025 | 7
Ransomware crews add 'EDR killers' to their arsenal – and some aren't even malware
interview Crims are disabling security tools early in attacks, Talos says
Disaster Recovery Week31 Mar 2025 | 1
Akira ransomware is encrypting victims again following pure extortion fling
Crooks revert to old ways for greater efficiency
Security22 Oct 2024 | 2
Ransomware crew infects 100+ orgs monthly with new MedusaLocker variant
Exclusive Crooks 'like a sysadmin, with a malicious slant'
Security03 Oct 2024 | 3
Multiple flaws in Microsoft macOS apps unpatched despite potential risks
Windows giant tells Cisco Talos it isn't fixing them
Research19 Aug 2024 | 20
Ransomware crews investing in custom data stealing malware
BlackByte, LockBit among the criminals using bespoke tools
Malware Month10 Jul 2024 |
The spyware business is booming despite government crackdowns
Updated 'Almost zero data being shared across the industry on this particular threat,' we're told
Security07 Feb 2024 | 35
Alien versus Predator? No, this Android spyware works together
Phone-hugging code can record calls, read messages, track geolocation, access camera, other snooping
Research27 May 2023 | 8
How do you hunt cybersecurity threats in a war zone? Like this
Interview The Reg speaks to a founder of Cisco Talos Ukraine task force
Defense Tech Week07 Apr 2023 | 1
SBOM is a 'massive galaxy of mess' for supply chain security
SCSW Talos team warns on third-party threats, but will it work? Betteridge's Law may apply
Systems28 Feb 2023 | 7
Microsoft closes another door to attackers by blocking Excel XLL files from the internet
More of them used by baddies since Redmond blocked VBA macros
Research25 Jan 2023 | 6
Microsoft took its macros and went home, so miscreants turned to Windows LNK files
Adapt or die
Research23 Jan 2023 | 6
Cisco’s Talos security bods predict new wave of Excel Hell
Criminals have noticed that spreadsheet's XLL files add custom functionality - including malware
Security21 Dec 2022 | 15
Ransomware down this year – but there's a catch
2021 was such a banner year for extortionists, 2022 is gonna look rosy in comparison
Cyber-crime26 Oct 2022 | 1
Dark Utilities C2 service draws thousands of cyber criminals
Nascent platform provides miscreants an easier and cheaper way to launch remote access, DDoS, and other attacks
Security08 Aug 2022 | 1
Talos names eight deadly sins in widely used industrial software
Entire swaths of gear relies on vulnerability-laden Open Automation Software (OAS)
Patches27 May 2022 | 6
This is a BlackCat you don't want crossing your path
Plus: Android trojan in 100,000+ app installs, Solaris malware
Security22 Mar 2022 | 3
India under attack by rapidly-evolving advanced persistent threat actor SideCopy, says Cisco Talos
Gang is using custom RATs malware to target government employees, and has an interest in Pakistan, too
Security08 Jul 2021 |
Imperva cloud firewall pwned, D-Link bug uncovered – plus more
Roundup Including: Visual Studio Code debug hole found
Security14 Oct 2019 | 2
Insane in the domain: Sea Turtle hackers pwn DNS orgs to dash web surfers on the rocks of phishing pages
Website settings altered to point visitors to malicious clones
Security17 Apr 2019 | 15
Running Elasticsearch 1.4.2 or earlier? There's targeted malware going for your boxen
Yes it's years out of date but there's no such thing as security through obscurity
Security27 Feb 2019 |
Q. What connects the global financial crisis, Ursnif malware, and Coldplay's Viva la Vida?
A. Bad things from 2008 we can't seem to shake
Security28 Jan 2019 | 6
'Bomb threat' scammers linked to earlier sextortion campaign
Scare tactic efforts may be the work of a single group
Security15 Dec 2018 | 29
UK white hats blacklisted by Cisco Talos after smart security code stumbles
Cisco gracefully says it won't charge for the privilege
Security13 Dec 2018 | 20
Cisco smells a RAT in Breaking Security's Remcos PC wrangler
Updated Researchers claim pentesting software being used for botnets
Security22 Aug 2018 | 8
VPNFilter router malware is a lot worse than everyone thought
More affected devices. More damage. And what looks like an escalation in attacks
Security07 Jun 2018 | 57
Advanced VPNFilter malware menacing routers worldwide
Cisco's Talos team says 500k already pwned and leaking data
Security23 May 2018 | 33
Russian malware harvesting Telegram Desktop creds, chats
Python programmer may have outed himself on YouTube
Security17 May 2018 | 10
Spectre shenanigans, Nork hackers upgrade, bad WD drives and more
Roundup Your weekly dose of infosec odds'n'sods
Security03 Feb 2018 | 14
Good news, everyone: Ransomware declining. Bad news: Miscreants are turning to crypto-mining on infected PCs
Screw asking for digi-coins. Craft 'em on 500,000 computers
Security01 Feb 2018 | 23
CCleaner targeted top tech companies in attempt to lift IP
Infected Avast tool's payload went after the likes of Microsoft, Intel and Cisco, hit 20 targets
Security21 Sep 2017 | 49
Microsoft won't patch Edge browser content security bypass
Tells Cisco's Talos it's a feature, not a bug. Apple and Google disagree and fixed it
Security07 Sep 2017 | 37
Apache Struts 2 needs patching, without delay. It's under attack now
Black hats testing remote code execution zero-day vulnerability
Security09 Mar 2017 | 5
Talos opens box, three Aerospike vulns fly out
NoSQL server, but a big unhappy Yes to the question of security worries
Security22 Feb 2017 | 2
Wavering about Apple's latest security fix? Don't, says Talos
The very image of a remote exploit
Software21 Jul 2016 | 13
Time for a patch: six vulns fixed in NTP daemon
What's the time? It's time to get ill. Unless you fix these beastly flaws
Security28 Apr 2016 | 7
SamSam ransomware shifts from hospitals to schools via JBoss hole
With 3.2 million unpatched servers, scum have a lot of targets
Security19 Apr 2016 | 4
'Malicious time source' can poison Network Time Protocol
Think of this as an evil TARDIS dropping servers into a time rift
Security22 Oct 2015 | 6
Cisco tool IDs malware in the firmware
Your SYNs, forgiven
Security25 Sep 2015 | 4
Cisco's RAT-catchers spot sysadmin-targeted phish
Tricks admin tool into sucking down the malware
Security27 Aug 2015 | 4
Coming in 2014: Scary super-soldier exoskeleton suits from the US military
Iron Man-esque armor prototypes next year, deployment in 2018
Legal31 Dec 2013 | 105
OCZ unsheathes Talos flash talons
Another flash drive clawing into HDD business
Channel01 Aug 2011 | 1
Biting the hand that feeds IT
