Inside the Hidden VM: How Attackers Stay Undetected

Apr 29, 2026

Threat actors are getting better at hiding in plain sight by using virtual environments to evade detection and deliver ransomware.

New research from Sophos X-Ops reveals an increase in the abuse of QEMU, an open-source emulator, to conceal malicious activity inside virtual machines.

While this technique isn’t new, its use for defense evasion is accelerating, making visibility and detection even more challenging for defenders.

Watch as Susie Evershed and Morgan Demboski walk through the findings and what they mean for businesses, and ask your questions in real time.