Operating inside the lethal trifecta: Blast radius reduction in AI agent deployments
Seven things security teams can start doing today to reduce risk
Categories: Threat Research
Tags: AI, CISO
Seven things security teams can start doing today to reduce risk
Categories: Threat Research
Tags: AI, CISO
The use of hidden virtual machines (VMs) enables long-term access, credential harvesting, data exfiltration, and PayoutsKing ransomware deployment
Categories: Threat Research
Tags: virtual machine, QEMU, PayoutsKing, GOLD ENCOUNTER, CitrixBleed2
We can't control the pace of AI-driven vulnerability discovery, but we can control how fast we respond.
Categories: Sophos Insights
Tags: LLM, AI, Exploit, vulnerability, Active Adversary, Pacific Rim
Following our article on the challenges posed by agentic AI, we gave OpenClaw access to one of our legacy networks
Categories: Threat Research
Tags: OpenClaw, LLM, AI, penetration testing, Red Team, CISO, Sophos X-Ops
No matter the country, industry, or company size, IT and cybersecurity teams report a heavy regulatory load and worry about staying aligned with requirements
Categories: Products & Services
Tags: CISO, Compliance
Third consecutive time being named a Customersโ Choice for MDR
Categories: Products & Services
Tags: Gartner, Gartner Peer Insights, MDR, Sophos MDR, Third-Party Reviews
New Sophos survey reveals only 5% of IT leaders say they fully trust their cybersecurity vendors
Categories: Products & Services, Sophos Insights
Tags: Trust, Privacy, Trust Center
Only 5% of organizations fully trust their cybersecurity providers. Letโs do better.
Categories: Products & Services, Sophos Insights
Tags: Trust, Trust Center, Privacy
A phishing campaign targeting multiple organizations led to RMM installations โ but not much else (yet). A threat actor experimenting, or an access-as-a-service attack underway?
Categories: Threat Research
Tags: STAC6405, infostealer, RMM, Phishing
Victimizing software developers via fake companies, jobs, and code repositories to steal cryptocurrency
Categories: Threat Research
Tags: NICKEL ALLEY, Contagious Interview, North Korea, clickfix
Eight Critical-severity bugs โ none in Windows โ appear in 84-CVE haul
Categories: Threat Research
Tags: Patch Tuesday, x-ops, Microsoft, Windows, detection
Analysis of attacks originating from Iran-linked threat groups reveals a preference for certain techniques
Categories: Threat Research
Tags: Iran, initial access
Across three recent campaigns, Sophos X-Ops notes shifts in both lures and malware capabilities, as threat actors leveraging ClickFix techniques increasingly target macOS users with infostealers
Categories: Threat Research
Tags: MacOS, infostealer, clickfix, MacSync, Social engineering
Rising tensions have sparked an increase in regional hacktivist activity, but impact has been minimal
Categories: Threat Research
Tags: hacktivism, Iran, israel, Operation Epic Fury
Insights and recommended defensive measures from Sophos X-Ops Counter Threat Unit
Categories: Security Operations
Tags: Sophos CTU, Iran, Operation Epic Fury
Categories: Threat Research
Tags: advisory, vulnerability, SD-WAN
Weโre excited to announce the highly anticipated release of Sophos Workspace Protection has arrived.
Categories: Products & Services
Tags: Workspace
What a long, strange trip itโs been
Categories: Security Operations
Tags: Active Adversary
Practical steps to reduce business cyber risk based on analysis of 661 incidents remediated by Sophos X-Ops as detailed in the Sophos Active Adversary Report 2026
Categories: Products & Services
Tags: MDR., Identity Security, ITDR, Secure by Design, XDR
AI headline hype didnโt deliver a sea change for practical defense โ but one below-the-radar development should
Categories: Security Operations, Threat Research
Tags: Active Adversary, Active Adversary Report