Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job
Following on from our preview, here’s Ben Gelman and Sean Bergeron’s research on enhancing command line classification with benign anomalous data
Similar Posts
EEOC experienced security incident involving an Opexus employee’s ‘unauthorized’ access, email says
Bys sDavid DiMolfetta reports: The Equal Employment Opportunity Commission was impacted in an internal data security incident that occurred around a year ago, and involved a contractor’s employees mishandling sensitive information in one of the agency’s systems, according to a notification email obtained by Nextgov/FCW. The breach in the EEOC’s Public Portal system, which the agency was……
Six months after discovering an attack, Northwest Radiologists notifies almost 350,000 Washington State residents
Bys sOn January 20, 2025 Mt. Baker Imaging and Northwest Radiologists in Washington State (collectively, “Northwest Radiologists”) experienced a network intrusion that they discovered on January 25. Although media reported on the incident on January 27, it was not until March 26 that Northwest Radiologists posted a notice on its website (archived). DataBreaches could find no…
Application Containment: How to Use Ringfencing to Prevent the Weaponization of Trusted Software
Bys sThe challenge facing security leaders is monumental: Securing environments where failure is not an option. Reliance on traditional security postures, such as Endpoint Detection and Response (EDR) to chase threats after they have already entered the network, is fundamentally risky and contributes significantly to the half-trillion-dollar annual cost of cybercrime. Zero Trust fundamentally shifts
Generative AI and cybersecurity: What Sophos experts expect in 2026
Bys sCategories: Sophos Insights Tags: Sophos AI, Gen AI, Year in Review
CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits
Bys sThe Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim to be for conducting an audit to assess the “level of security,” CERT-UA added, cautioning organizations to be on the lookout for such social…
Fake Madgicx Plus and SocialMetrics Extensions Are Hijacking Meta Business Accounts
Bys sCybersecurity researchers have disclosed two new campaigns that are serving fake browser extensions using malicious ads and fake websites to steal sensitive data. The malvertising campaign, per Bitdefender, is designed to push fake “Meta Verified” browser extensions named SocialMetrics Pro that claim to unlock the blue check badge for Facebook and Instagram profiles. At least…