QEMU abused to evade detection and enable ransomware delivery
Sophos Blog
2026-04-16 08:00:00
收藏
The use of hidden virtual machines (VMs) enables long-term access, credential harvesting, data exfiltration, and PayoutsKing ransomware deployment
Categories: Threat Research
Tags: virtual machine, QEMU, PayoutsKing, GOLD ENCOUNTER, CitrixBleed2
目录
最新
- QEMU abused to evade detection and enable ransomware delivery
- We let OpenClaw loose on an internal network. Here’s what it found
- The vulnerability flood is here. Here’s what it means – and how to prepare
- Is compliance complexity outpacing IT capacity?
- Sophos named a 2026 Gartner® Peer Insights™ Customers' Choice for Managed Detection and Response
- The High Cost of Low Trust: Our Commitment to Radical Transparency
- The Cybersecurity Trust Reality in 2026
- Incident responders, s'il vous plait: Invites lead to odd malware events