SophosAI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job
Sophos’ Ben Gelman and Sean Bergeron will present their research on enhancing command line classification with benign anomalous data at Las Vegas
Similar Posts
CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures
Bys sCybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix-like lures to deliver a previously undocumented remote access trojan (RAT) dubbed ModeloRAT. This new escalation of ClickFix…
Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities
Bys sZimbra has released software updates to address critical security flaws in its Collaboration software that, if successfully exploited, could result in information disclosure under certain conditions. The vulnerability, tracked as CVE-2025-25064, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as an SQL injection bug in the ZimbraSync…
Qilin Leads April 2025 Ransomware Spike with 45 Breaches Using NETXLOADER Malware
Bys sThreat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented .NET compiled loader codenamed NETXLOADER as part of a campaign observed in November 2024. “NETXLOADER is a new .NET-based loader that plays a critical role in cyber attacks,” Trend Micro researchers Jacob Santos, Raymart Yambot,…
The PIPC Sanctions Woori Card for Data Breaches, Imposing KRW 13.45 billion
Bys sThe Personal Information Protection Commission (PIPC) held its seventh plenary meeting of 2025 and reached a decision to sanction Woori Card Co., Ltd. (Woori Card) for data breaches on March 26, 2025. Administrative sanctions by the PIPC are as follows: A penalty for violations (Gwajingguem) of KRW 13.45 billion; A publication order of sanction results…
St. Thomas Brushed Off Red Flags Before Dark-Web Data Dump Rocks Houston
Bys sElliott Greene reports: Hundreds of thousands of University of St. Thomas files have appeared on the dark web after a summer cyberattack that shut down campus systems and key services. Students, faculty, and alumni say they’ve received little information as experts and law enforcement work to find out what data was stolen, as reported by Houston……
LockBit 5’s “new secure blog domain” infra leaked already
Bys sIt seems like only yesterday that LockBit 5.0 announced, with its usual hubris, a “new secure blog domain, with a multi-layered protection system against all-powerful FBI agents.” And it seems like only yesterday that Rakesh Krishnan revealed LockBit 5’s IP address and domain. In a post on X.com on December 5, @RakeshKrish12 wrote: Exposing……