
Threat Research
OpenClaw
LLM
AI
penetration testing
Red Team
CISO
Sophos X-Ops
We let OpenClaw loose on an internal network. Here’s what it found
Following our article on the challenges posed by agentic AI, we gave OpenClaw access to one of our legacy networks

Threat Research
STAC6405
infostealer
RMM
Phishing
Incident responders, s'il vous plait: Invites lead to odd malware events
A phishing campaign targeting multiple organizations led to RMM installations – but not much else (yet). A threat actor experimenting, or an access-as-a-service attack underway?





Threat Research
Iran
initial access
Initial access techniques used by Iran-based threat actors
Analysis of attacks originating from Iran-linked threat groups reveals a preference for certain techniques










