Oxford, UK
1985
  |  By Sophos
State of Identity Security 2026 report finds human error and poor non-human identity management are the root causes of most attacks, as agentic AI accelerates the risk.
  |  By Mark Loman
Sophos Endpoint in action: Blocking a novel supply chain attack
How the unique anti-exploitation capabilities included with Sophos Endpoint blocked a supply chain attack. Sophos Endpoint is architected from the ground up to automatically block exploits, ransomware, and attacker techniques by default with zero manual tuning.
  |  By Doug Aamoth
The State of Identity Security 2026: Identity is the new perimeter
Discover the causes and consequences of identity threats based on a survey of 5,000 organizations across 17 countries. In the modern cybersecurity landscape, the traditional network perimeter has dissolved. Today, identity as a perimeter keeps getting stronger and stronger. As organizations accelerate cloud adoption and integrate AI systems, the number of digital identities, both human and non-human, has grown exponentially.
  |  By Ross McKerchar
Seven things security teams can start doing today to reduce risk.
  |  By John Peterson
GPT-5.5-Cyber is here. What it means for defenders operating at the frontier.
OpenAI’s May 7 release of GPT-5.5 and the limited preview of GPT-5.5-Cyber put frontier AI in verified defenders’ hands. As a member of the Trusted Access for Cyber program, Sophos is using these models to sharpen what we already operate: an agentic SOC that resolves more than half of cases without a human, and an endpoint architecture purpose-built to stop AI-generated zero-days.
  |  By Mark Loman
Ransomware: AI changes the writer. It doesn't change the math.
Why most endpoint protection still treats ransomware as just another piece of malware, and what changes when you watch the data instead of the attacker. In 2013, CryptoLocker introduced the modern ransomware playbook. It also introduced something most of the industry has still not come to terms with: remote encryption.
  |  By Sophos
Sophos named a Leader in the KuppingerCole Analysts Leadership Compass for Managed Detection and Response 2026
Sophos recognized across four leadership categories: Overall, Product, Innovation, and Market. Sophos has been named an Overall Leader in the 2026 KuppingerCole Analysts Leadership Compass for Managed Detection and Response (MDR).
  |  By Chaitanya Ghorpade
A malicious imitation of Anthropic’s Claude site leads to DLL sideloading – and a backdoor
As we reported on social media recently, Sophos X-Ops has been investigating reports of a fake Claude AI website distributing malware. Like other researchers, we thought this might be a PlugX-like campaign, given that the attack chain shares several characteristics with observed PlugX attacks.
  |  By Barbara Hudson
How AI-accelerated threat discovery is reshaping network security
As vulnerabilities are discovered faster than ever, organizations must rethink how they reduce exposure and contain risk at the network edge. Claude Mythos Preview has reignited debate about AI-driven cyber attacks, but the real shift isn’t what AI finds, it’s how quickly issues at the network edge can turn into impact. This post explores what’s changed and how network security must adapt to keep up.
On April 29, 2026, details about the ‘Copy Fail’ vulnerability (CVE-2026-31431) were publicly disclosed. This high-severity (CVSS score of 7.8) privilege escalation vulnerability impacts Linux distributions shipped since 2017. It allows an unprivileged local user to obtain root-level access on affected Linux systems by corrupting the kernel’s in-memory page cache of a privileged binary.
  |  By Sophos
A step-by-step tutorial showing you how to grant access to and configure the Sophos Central Self Service Portal (SSP) for end-users. This web interface allows end-users to perform daily tasks related to email management and more (depending on the configuration) without needing an administrator. Ask questions and get expert answers in the Sophos Community.
  |  By Sophos
With the right planning and tools, migrating to Sophos Firewall is controlled and low risk. Take the next step with Sophos Firewall, a Secure by Design firewall built to simplify operations, reduce risk, and protect your network by default.
  |  By Sophos
Sophos Email delivers enterprise-grade protection that keeps malicious messages out of user inboxes, elevates your defense against AI-powered adversaries, trains your employees to stay vigilant, and simplifies day-to-day security operations - all at a competitive price point.
  |  By Sophos
A ransomware group called Warlock tore through more than 60 organisations in six months, targeting the nuclear energy, aerospace, and government sectors. They chain zero-days and neutralise antivirus software using signed Chinese drivers. This is how they operate and how the Sophos CTU tracked them across eleven incidents to expose their full playbook.
  |  By Sophos
A step-by-step tutorial for integrating Active Directory in your Sophos Firewall. The steps are shown in SFOS v21, so the steps and user interface may vary slightly in later versions. Ask questions and get expert answers in the Sophos Community.
  |  By Sophos
Getting a clear ROI on your security investment has never been easier. Get cyber insurance in minutes from top brand global companies who all believe in the power of Sophos MDR so much, they are willing to enhance their insurance offerings for it.
  |  By Sophos
The Sophos Security Services Retainer gives your organization flexible access to proactive security services, along with incident response coverage should a cyberattack happen.
  |  By Sophos
Threat actors are getting better at hiding in plain sight by using virtual environments to evade detection and deliver ransomware. New research from Sophos X-Ops reveals an increase in the abuse of QEMU, an open-source emulator, to conceal malicious activity inside virtual machines. While this technique isn’t new, its use for defense evasion is accelerating, making visibility and detection even more challenging for defenders.
  |  By Sophos
AI speed. Human judgment. Fully managed. Sophos MDR: the world's largest agentic SOC. Speak with an expert. Request a custom service proposal at Sophos.com/MDR.
  |  By Sophos
A step-by-step tutorial that shows you how to deploy Sophos Firewall in AWS. It covers choosing a license model, creating an EC2 SSH key pair, launching the CloudFormation stack, registering the firewall in Sophos Central, and completing the default certificate.
  |  By Sophos
This white paper reveals the attack techniques most likely to drive high-impact incidents - and provides practical advice on how to stop them. By learning from real-world attacks, businesses can strengthen their resilience and meaningfully reduce their cyber risk.
  |  By Sophos
369 IT and cybersecurity leaders reveal the ransomware realities for financial services providers today. The report examines how the causes and consequences of ransomware attacks on financial services providers have evolved over time. This year's edition also sheds light on previously unexplored areas, including the organizational factors that left providers exposed and the human toll ransomware takes on IT and cybersecurity teams in the financial services sector.
  |  By Sophos
Security Operations Centers (SOCs) are essential for detecting and responding to cyber threats, but building the right model isn't one-size-fits-all. With talent shortages and rising threat complexity, many organizations are rethinking how to scale security operations. This guide breaks down the pros, cons, and trade-offs of in-house, hybrid, and outsourced SOC models. Find the SOC strategy that fits your needs, risk profile, and available resources.

Sophos unites unmatched threat intelligence, adaptive AI, and human expertise in an open platform to stop attacks before they strike — giving you the clarity and confidence to stay ahead of every threat.

Sophos delivers adaptive, AI-powered cybersecurity — backed by real experts — so organizations can stay secure, resilient, and free to grow without compromise.

Sophos advantage in cybersecurity:

  • Prevention: Sophos’ approach blocks more threats upfront to minimize risk and reduce investigation and response time.
  • Trust: The only vendor named Gartner® Customers’ choice for endpoint, firewalls, mobile threats, and MDR, with 600K+ customers worldwide.
  • Platform: Sophos products include 100+ integrations with other third-party solutions, plus services that are highly customizable to your needs.

Take Control of Every Threat