Sophos News - The Sophos Blog

Threat Research

virtual machine

QEMU

PayoutsKing

GOLD ENCOUNTER

CitrixBleed2

QEMU abused to evade detection and enable ransomware delivery

The use of hidden virtual machines (VMs) enables long-term access, credential harvesting, data exfiltration, and PayoutsKing ransomware deployment

Morgan Demboski

Sophos Insights

LLM

AI

Exploit

vulnerability

Active Adversary

Pacific Rim

The vulnerability flood is here. Here’s what it means – and how to prepare

We can't control the pace of AI-driven vulnerability discovery, but we can control how fast we respond.

Ross McKerchar

Threat Research

OpenClaw

LLM

AI

penetration testing

Red Team

CISO

Sophos X-Ops

We let OpenClaw loose on an internal network. Here’s what it found

Following our article on the challenges posed by agentic AI, we gave OpenClaw access to one of our legacy networks

Ross McKerchar

Products & Services

CISO

Compliance

Is compliance complexity outpacing IT capacity?

No matter the country, industry, or company size, IT and cybersecurity teams report a heavy regulatory load and worry about staying aligned with requirements
