QEMU abused to evade detection and enable ransomware delivery
Sophos analysts are investigating the active abuse of QEMU, an “open-source machine emulator and virtualizer,” by threat actors seeking to...
analysts
Meta moves fast toward a world where AI builds the software
But analysts caution that the path there is far from straightforward. “For Meta-scale firms, agent-led engineering is achievable only in...
10 ChatGPT AI Prompts L1 SOC Analysts Can Use in Their Daily Work
Image: donut3771/Envato Security operations center (SOC) analysts are expected to process a constant stream of alerts… often under tight response...
Microsoft maps Windows 11 quality overhaul after acknowledging gaps
Are these fixes enough? While Microsoft has outlined a comprehensive plan, analysts say the issues highlighted by the company may...
Android devices ship with firmware-level malware
In late February 2026, SophosLabs analysts identified multiple detections on Android devices for malicious activity associated with the Keenadu backdoor....
The SOC Analyst Role Is Going Up (And It Was Never Going Away)
How autonomous triage turns security analysts from ticket processors into strategic operators The Security Operations Center has a math...
6 Minutes and a Prayer: The Math Your SOC Doesn’t Want You to See
Your analysts are gambling with alerts, and the math proves it. The cybersecurity industry has quietly agreed to avoid...
Malicious use of virtual machine infrastructure
In late 2025, SophosLabs analysts investigated several WantToCry remote ransomware incidents. In each case, the attackers used virtual machines with...
