
The Hackers Who Left Their Entire Playbook Online

A ransomware group called Warlock tore through more than 60 organisations in six months, targeting the nuclear energy, aerospace, and government sectors. They chain zero-days and neutralise antivirus software using signed Chinese drivers. This is how they operate and how the Sophos CTU tracked them across eleven incidents to expose their full playbook.

CYJAX Launches Compromised Device Alerting to Detect Threats Earlier

Detect compromised devices before attackers act. CYJAX’s new alerting identifies stealer malware infections and exposed credentials in near real time. CYJAX today announced the launch of Compromised Device Alerting, a new capability designed to help organisations identify compromised devices within their environment before attackers can act on stolen credentials.

Episode 14 - Harvest Now, Decrypt Later: The Shift to Post-Quantum Cryptography

The emergence of quantum computing has introduced a definitive expiration date for classical encryption, fueling a "harvest now, decrypt later" strategy among sophisticated nation-state actors. In this episode, Vince Stoffer joins Richard Bejtlich to demystify Post-Quantum Cryptography (PQC) and explain why organizations must move beyond a "set it and forget it" mentality regarding their encryption standards.

The New Vanguard: Strategic Leadership in the Age of Autonomous Threats

The threat landscape of 2026 is no longer defined by the singular hacker or the isolated malware strain. We have entered the era of the "Autonomous Adversary", a period where AI-driven social engineering, automated vulnerability discovery, and polymorphic code are the standard tools of state-sponsored and criminal actors alike. For the security professional, the traditional defensive perimeter has dissolved. To navigate this complexity, the industry is moving away from purely tactical responses toward a model of "Cyber-Resilience and Strategic Governance."

5 signs it is time to upgrade your DIY Zeek deployment

You already know the immense value of open-source Zeek. It provides the absolute gold standard of network evidence, giving you the deep visibility required to defend your organization. You have the right strategic foundation, but the operational workload of managing a do-it-yourself (DIY) deployment at scale is likely draining your energy.

AI Threat Detection for Healthcare: Protecting Patient Data from AI-Mediated Attacks

For six weeks, a mid-size hospital system's CDS agent issued recommendations biased by a poisoned guideline summary. No detection alert fired. The drift (denial recommendations in cases sharing one specific clinical attribute) traced back to a guideline an outside contributor had quietly reweighted in editorial review. Every existing detection stack reported green. DLP: no PHI left the cluster. EHR audit log: agent reading and writing within scope. Network egress: normal traffic.

Proof-of-concept exploit available for Linux 'Copy Fail' vulnerability (CVE-2026-31431)

On April 29, 2026, details about the ‘Copy Fail’ vulnerability (CVE-2026-31431) were publicly disclosed. This high-severity (CVSS score of 7.8) privilege escalation vulnerability impacts Linux distributions shipped since 2017. It allows an unprivileged local user to obtain root-level access on affected Linux systems by corrupting the kernel’s in-memory page cache of a privileged binary.