Pointing a Cursor at evading detection
Sophos X-Ops analysts observed a threat actor using artificial intelligence (AI) technologies to test endpoint detection and response (EDR) evasion...
analysts
Pointing a Cursor at evading detection
Sophos X-Ops analysts observed a threat actor using artificial intelligence (AI) technologies to test endpoint detection and response (EDR) evasion...
WantToCry ransomware remotely encrypts files
SophosLabs analysts investigated WantToCry ransomware attacks that involved the threat actors abusing the Server Message Block (SMB) service for initial...
WantToCry ransomware remotely encrypts files
SophosLabs analysts investigated WantToCry ransomware attacks that involved the threat actors exploiting SMB for initial access and then exfiltrating files...
Sophos Leader KuppingerCole MDR 2026
Sophos has been named an Overall Leader in the 2026 KuppingerCole Analysts Leadership Compass for Managed Detection and Response (MDR)....
Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?
Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern...
QEMU abused to evade detection and enable ransomware delivery
Sophos analysts are investigating the active abuse of QEMU, an “open-source machine emulator and virtualizer,” by threat actors seeking to...
Meta moves fast toward a world where AI builds the software
But analysts caution that the path there is far from straightforward. “For Meta-scale firms, agent-led engineering is achievable only in...
10 ChatGPT AI Prompts L1 SOC Analysts Can Use in Their Daily Work
Image: donut3771/Envato Security operations center (SOC) analysts are expected to process a constant stream of alerts… often under tight response...
Microsoft maps Windows 11 quality overhaul after acknowledging gaps
Are these fixes enough? While Microsoft has outlined a comprehensive plan, analysts say the issues highlighted by the company may...
Android devices ship with firmware-level malware
In late February 2026, SophosLabs analysts identified multiple detections on Android devices for malicious activity associated with the Keenadu backdoor....
The SOC Analyst Role Is Going Up (And It Was Never Going Away)
How autonomous triage turns security analysts from ticket processors into strategic operators The Security Operations Center has a math...
6 Minutes and a Prayer: The Math Your SOC Doesn’t Want You to See
Your analysts are gambling with alerts, and the math proves it. The cybersecurity industry has quietly agreed to avoid...
Malicious use of virtual machine infrastructure
In late 2025, SophosLabs analysts investigated several WantToCry remote ransomware incidents. In each case, the attackers used virtual machines with...
