Blog

A research team at SentinelOne’s partner, Aon (Stroz Friedberg) published research this week that discussed a local bypass technique that had the potential to impact SentinelOne’s Windows agent. These researchers first contacted SentinelOne in mid-January 2025 to share the issue. Upon being contacted by Stroz’s researchers, we immediately issued an update that prevents such techniques […]

In recent weeks, the DragonForce ransomware group has been targeting UK retailers in a series of coordinated attacks causing major service disruptions. Prominent retailers such as Harrods, Marks and Spencer, and the Co-Op have all reported ongoing incidents affecting payment systems, inventory, payroll and other critical business functions. DragonForce has previously been attributed for a

The Good | FBI Shares 42,000 Phishing Domains After LabHost PhaaS Platform Takedown Since dismantling one of the world’s largest phishing-as-a-service (PhaaS) platforms, the FBI has shared 42,000 domains tied to it, helping cyber defenders identify IoCs and enhance their detection capabilities. Source: BleepingComputer LabHost operated from November 2021 until April 2024 and offered phishing

At SentinelOne, we believe AI should do more than just assist security teams – it should act as an extension of every analyst, reasoning and acting like an experienced human defender to help stop attacks in real-time. Today, SentinelOne is rolling out a new agentic AI strategy with the Purple AI Athena release built on

AWS SageMaker Studio is a comprehensive, integrated environment for building, training, and deploying machine learning (ML) models. It provides an intuitive interface that streamlines the ML lifecycle, enabling data scientists and developers to work more efficiently. Within SageMaker Studio, Jupyter Notebooks and JupyterLab serve as powerful tools for interactive coding, data exploration, and experimentation. JupyterLab,

Organizations everywhere are racing to move faster in the cloud, but the surge in distributed applications, multi-cloud footprints, patchworked tools and AI-powered attacks across every surface has created a perfect storm for security teams. As high-profile breaches continue to make headlines and security professionals continue to struggle with visibility gaps and overwhelming alerts, it’s clear

The Good | CVE & CWE Programs Receive Funding from CISA to Ensure Continued Operation Up until a few days ago, the global cybersecurity community was bracing for widespread disruption – U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs was set to expire on April 16, 2025.

Foreword & Guest Author Bio As part of this ongoing series, SentinelOne is excited to present a series of guest blogs from cloud security experts covering their views on cloud security best practices. Following on from blogs from Aidan Steele and Don Magee who both focused on best practices to building securely in the cloud,

There is an oft-referenced quote in economics about the impact of computing on the workplace in the 1980s. Economist Robert Solow remarked in 1987 that “You can see the computer era everywhere but in the productivity statistics.” In the years that followed Solow’s observation, workplace productivity increased, but not at levels anticipated by the white-hot

The Good | Police Detain Five SmokeLoader Malware Customers in New Phase of Operation Endgame Law enforcement is intensifying its efforts to target the customers behind major malware loaders like IcedID, Bumblebee, Pikabot, TrickBot, SystemBC, and SmokeLoader – all of which were dismantled last year as part of Operation Endgame. This week, Europol confirmed that