The Cybersecurity Poverty Line: Why it exists and why Sophos exists to erase it
Erase is an ambitious word. We chose it because the agentic era of AI creates a genuine opportunity to change the equation.
Erase is an ambitious word. We chose it because the agentic era of AI creates a genuine opportunity to change the equation.
Following a certification test, Sophos X-Ops found an unexpected guest had hitched a ride
AI accelerated tool development and testing, but humans drove the workflow
The compromise of student data turned a cyber mom into a cyber mama bear
Strong endpoint protection remains critical. But in todayโs AI-driven threat environment, it's most powerful when it's part of a broader, coordinated defense.
A malicious VS Code extension led to cloned private repositories, reportedly offered for sale on a criminal forum
Brute-force attempts against SMB services can be early signs of an attack
Sophos X-Ops looks at the Atomic macOS Stealer and its capabilities
With advisories, this monthโs count approaches 300 โ though many are already in place
How the unique anti-exploitation capabilities included with Sophos Endpoint blocked a supply chain attack.
Seven things security teams can start doing today to reduce risk
Categories: Threat Research
Tags: AI, CISO
The use of hidden virtual machines (VMs) enables long-term access, credential harvesting, data exfiltration, and PayoutsKing ransomware deployment
Categories: Threat Research
Tags: virtual machine, QEMU, PayoutsKing, GOLD ENCOUNTER, CitrixBleed2
We can't control the pace of AI-driven vulnerability discovery, but we can control how fast we respond.
Categories: Sophos Insights
Tags: LLM, AI, Exploit, vulnerability, Active Adversary, Pacific Rim
Following our article on the challenges posed by agentic AI, we gave OpenClaw access to one of our legacy networks
Categories: Threat Research
Tags: OpenClaw, LLM, AI, penetration testing, Red Team, CISO, Sophos X-Ops
No matter the country, industry, or company size, IT and cybersecurity teams report a heavy regulatory load and worry about staying aligned with requirements
Categories: Products & Services
Tags: CISO, Compliance
Third consecutive time being named a Customersโ Choice for MDR
Categories: Products & Services
Tags: Gartner, Gartner Peer Insights, MDR, Sophos MDR, Third-Party Reviews
New Sophos survey reveals only 5% of IT leaders say they fully trust their cybersecurity vendors
Categories: Products & Services, Sophos Insights
Tags: Trust, Privacy, Trust Center
Only 5% of organizations fully trust their cybersecurity providers. Letโs do better.
Categories: Products & Services, Sophos Insights
Tags: Trust, Trust Center, Privacy
A phishing campaign targeting multiple organizations led to RMM installations โ but not much else (yet). A threat actor experimenting, or an access-as-a-service attack underway?
Categories: Threat Research
Tags: STAC6405, infostealer, RMM, Phishing
Victimizing software developers via fake companies, jobs, and code repositories to steal cryptocurrency
Categories: Threat Research
Tags: NICKEL ALLEY, Contagious Interview, North Korea, clickfix