%term

How Corelight identified a years-old network issue in 30 minutes

May 11, 2026 By Corelight In Corelight

A global cruise line operating across maritime and resort environments was struggling with inconsistent detections, alert overload, and limited visibility from its existing NDR platform. In this customer story, Jay Miller from Corelight walks through how the organization evaluated its network visibility strategy, identified long-standing gaps in detection coverage, and improved investigation workflows across a complex environment with intermittent connectivity at sea.

View Video

Corelight

Read more about How Corelight identified a years-old network issue in 30 minutes

GPT-5.5-Cyber is here. What it means for defenders operating at the frontier.

May 11, 2026 By John Peterson In Sophos

GPT-5.5-Cyber is here. What it means for defenders operating at the frontier. OpenAI’s May 7 release of GPT-5.5 and the limited preview of GPT-5.5-Cyber put frontier AI in verified defenders’ hands. As a member of the Trusted Access for Cyber program, Sophos is using these models to sharpen what we already operate: an agentic SOC that resolves more than half of cases without a human, and an endpoint architecture purpose-built to stop AI-generated zero-days.

Read Post

Sophos

Read more about GPT-5.5-Cyber is here. What it means for defenders operating at the frontier.

Sophos named a Leader in the KuppingerCole Analysts Leadership Compass for Managed Detection and Response 2026

May 8, 2026 By Sophos In Sophos

Sophos named a Leader in the KuppingerCole Analysts Leadership Compass for Managed Detection and Response 2026 Sophos recognized across four leadership categories: Overall, Product, Innovation, and Market Sophos has been named an Overall Leader in the 2026 KuppingerCole Analysts Leadership Compass for Managed Detection and Response (MDR).

Read Post

Sophos

Read more about Sophos named a Leader in the KuppingerCole Analysts Leadership Compass for Managed Detection and Response 2026

Securonix Connects Threat Intelligence to Action with AI-Powered Threat Research Agent and ThreatWatch Validation

May 7, 2026 By Securonix In Securonix

Threat Research Agent and ThreatWatch combine AI-driven threat research and exposure validation to help security teams act with confidence.

Read Post

Securonix

Read more about Securonix Connects Threat Intelligence to Action with AI-Powered Threat Research Agent and ThreatWatch Validation

Donuts and Beagles: Fake Claude site spreads backdoor

May 7, 2026 By Chaitanya Ghorpade In Sophos

A malicious imitation of Anthropic’s Claude site leads to DLL sideloading – and a backdoor As we reported on social media recently, Sophos X-Ops has been investigating reports of a fake Claude AI website distributing malware. Like other researchers, we thought this might be a PlugX-like campaign, given that the attack chain shares several characteristics with observed PlugX attacks.

Read Post

Sophos

Read more about Donuts and Beagles: Fake Claude site spreads backdoor

How AI-accelerated threat discovery is reshaping network security

May 7, 2026 By Barbara Hudson In Sophos

How AI-accelerated threat discovery is reshaping network security As vulnerabilities are discovered faster than ever, organizations must rethink how they reduce exposure and contain risk at the network edge. Claude Mythos Preview has reignited debate about AI-driven cyber attacks, but the real shift isn’t what AI finds, it’s how quickly issues at the network edge can turn into impact. This post explores what’s changed and how network security must adapt to keep up.

Read Post

Sophos

Read more about How AI-accelerated threat discovery is reshaping network security

The Hackers Who Left Their Entire Playbook Online

May 7, 2026 By Sophos In Sophos

A ransomware group called Warlock tore through more than 60 organisations in six months, targeting the nuclear energy, aerospace, and government sectors. They chain zero-days and neutralise antivirus software using signed Chinese drivers. This is how they operate and how the Sophos CTU tracked them across eleven incidents to expose their full playbook

View Video

Sophos

Read more about The Hackers Who Left Their Entire Playbook Online

Sophos Firewall: Integrate Active Directory

May 7, 2026 By Sophos In Sophos

A step-by-step tutorial for integrating Active Directory in your Sophos Firewall. The steps are shown in SFOS v21, so the steps and user interface may vary slightly in later versions. Ask questions and get expert answers in the Sophos Community.

View Video

Sophos

Read more about Sophos Firewall: Integrate Active Directory

CYJAX Launches Compromised Device Alerting to Detect Threats Earlier

May 7, 2026 By CYJAX In CYJAX

Detect compromised devices before attackers act. CYJAX’s new alerting identifies stealer malware infections and exposed credentials in near real time. CYJAX today announced the launch of Compromised Device Alerting, a new capability designed to help organisations identify compromised devices within their environment before attackers can act on stolen credentials.

Read Post

CYJAX

Read more about CYJAX Launches Compromised Device Alerting to Detect Threats Earlier

Episode 14 - Harvest Now, Decrypt Later: The Shift to Post-Quantum Cryptography

May 7, 2026 By Corelight In Corelight

The emergence of quantum computing has introduced a definitive expiration date for classical encryption, fueling a "harvest now, decrypt later" strategy among sophisticated nation-state actors. In this episode, Vince Stoffer joins Richard Bejtlich to demystify Post-Quantum Cryptography (PQC) and explain why organizations must move beyond a "set it and forget it" mentality regarding their encryption standards.

View Video