Follow Talos on their other social channels!
About Us
Company Size:
10001+ employees
Company Type:
Talos is the industry-leading threat intelligence organization. We detect and correlate threats in real time using the largest threat detection network in the world to protect against known and emerging cyber security threats to better protect your organization.
Read more
Promoted Content
Listen to the New Beers with Talos Podcast
New Blog Post From Talos: New Ransomware Variant Compromises Systems Worldwide
Talos has published a new blog in response to the ransomware outbreak that has affected multiple organizations in several countries. Please note that this blog post discusses active research by Talos into a new threat. This information should be considered preliminary with updates forth coming as new information becomes available. ---Today a new malware variant has surfaced. Our current research leads us to believe that the sample leverages EternalBlue and WMI for lateral movement inside an ...
Beers with Talos Podcast Now Available
The first episodes of Beers with Talos are now available on iTunes and directly on talosintelligence.com/podcasts.When Talos decided to make a threat intelligence podcast, we wanted to make it different than your typical buttoned down, subdued security podcast. The BWT crew: Craig, Joel, Nigel, and Mitch, decided to do that by making a podcast that is a lot like the discussions that you would have after work with colleagues - if your colleagues were both ridiculously opinionated and hyper-focuse ...
Player 3 Has Entered the Game: Say Hello to 'WannaCry'
EXECUTIVE SUMMARYA major ransomware attack has affected many organizations across the world reportedly including Telefonica in Spain, the National Health Service in the UK, and FedEx in the US. The malware responsible for this attack is a ransomware variant known as 'WannaCry'. The malware then has the capability to scan heavily over TCP port 445 (Server Message Block/SMB), spreading similar to a worm, compromising hosts, encrypting files stored on them then demand ...
Threat Spotlight: Mighty Morphin Malware Purveyors: Locky Returns Via Necurs
This post was authored by Nick BiasiniThroughout the majority of 2016, Locky was the dominant ransomware in the threat landscape. It was an early pioneer when it came to using scripting formats Windows hosts would natively handle, like .js, .wsf, and .hta. These scripting formats acted as a vehicle to deliver the payload via email campaigns. However, late in 2016 Locky distribution declined dramatically largely due to the slowdown of Necurs that occurred at the same time. On April 21st ...
New Blog Post: From Box to Backdoor: Discovering Just How Insecure an ICS Device is in Only 2 Weeks
Talos has published a new blog post covering vulnerability research we’ve done on a Moxa ICS device. -----Industrial Control Systems provide stability to civilization. They clean our water, deliver our power, and enable the physical infrastructure that we have learnt to rely on. Industrial Control Systems are also highly prevalent in manufacturing. They're the robots who build your cars and assemble T.V's, they're the forklifts that ship your e-commerce purchases. As factories, utilities, ...
Threat Spotlight: Sundown Matures
This post authored by Nick Biasini with contributions from Edmund Brumaghin and Alex ChiuThe last time Talos discussed Sundown it was an exploit kit in transition. Several of the large exploit kits had left the landscape and a couple of strong contenders remain. Sundown was one of the kits still active and poised to make a move, but lacked a lot of the sophistication of the other large kits and had lots of easy identifiers throughout its infection chain. Most of these identifiers have been strip ...
How Malformed RTF Defeats Security Engines
This post is authored by Paul Rascagneres with contributions from Alex McDonnellExecutive SummaryTalos has discovered a new spam campaign used to infect targets with the well known Loki Bot stealer. The infection vector is an RTF document abusing an old exploit (CVE-2012-1856), however the most interesting part is the effort put into the generation of the RTF. The document contains several malformations designed to defeat security engines and parsers. The attacker has gone out of their way to at ...
Crypt0l0cker (TorrentLocker): Old Dog, New Tricks
This post is authored by Matthew Molyett, Holger Unterbrink and Paul RascagneresExecutive SummaryRansomware continues to be a plague on the internet and still sets itself as the fastest growing malware family we have seen in the last number of years. In this post we describe the technical details about a newly observed campaign of the notorious Crypt0l0cker (aka TorrentLocker or Teerac) ransomware. Crypt0l0cker has gone through a long evolution, the adversaries are updating and improving the mal ...
CPE Webinar: Talos Winter Security Threat Briefing
Tuesday, February 28 at 1pm EDT / 10am PDTAdversaries never stop innovating—and one team is tasked with tracking and stopping new attack strategies. The Talos threat intelligence team has more than 270 full time threat researchers who discover new vulnerabilities, threats and attack strategies. Join our complimentary webinar led by Talos Senior Threat Researcher Earl Carter to learn what the team considered the most important security developments of the past season.  Once per qu ...
Webinar: Exploit Kits – is this the end or just the beginning?
January 12, 2017 at 1pm ET/10am PTExploit kits are used by hackers to compromise users through software vulnerabilities and deliver malicious payloads like Ransomware and Banking Trojans. They are responsible for tens of millions of dollars in losses, and a countless number of victims – and are very profitable for the hackers who use them. These EKs are ready to go off the shelf and often require little-to-no knowledge of the underlying code or the vulnerabilities they exploit. We've ...

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar
Cybrary works best if you switch to our Android-friendly app

We recommend always using caution when following any link

Are you sure you want to continue?