Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job
Following on from our preview, here’s Ben Gelman and Sean Bergeron’s research on enhancing command line classification with benign anomalous data
Similar Posts
WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors
Bys sCybersecurity researchers are warning about a large-scale phishing campaign targeting WooCommerce users with a fake security alert urging them to download a “critical patch” but deploy a backdoor instead. WordPress security company Patchstack described the activity as sophisticated and a variant of another campaign observed in December 2023 that employed a fake CVE ploy to…
Filling the Most Common Gaps in Google Workspace Security
Bys sSecurity teams at agile, fast-growing companies often have the same mandate: secure the business without slowing it down. Most teams inherit a tech stack optimized for breakneck growth, not resilience. In these environments, the security team is the helpdesk, the compliance expert, and the incident response team all rolled into one. Securing the cloud office…
Askul says 740,000 sets of data breached in cyberattack
Bys sThe Japan Times reports: Japanese office supplies retailer Askul said that a ransomware cyberattack discovered in October led to the leakage of about 740,000 sets of data concerning its individual customers, corporate clients and employees. Of the total, about 590,000 sets of data were linked to its office supplies sales service for corporate customers, while……
Ryuk ransomware’s initial access expert extradited to the U.S. from Ukraine
Bys sBill Toulas reports: A member of the notorious Ryuk ransomware operation who specialized in gaining initial access to corporate networks has been extradited to the United States. The suspect is a 33-year-old foreign man who was arrested in April 2025 in his home in Kyiv at the request of the FBI. He was extradited to…
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]
Every tap, click, and swipe we make online shapes our digital lives, but it also opens doors—some we never meant to unlock. Extensions we trust, assistants we rely on, and even the codes we scan are turning into tools for attackers. The line between convenience and vulnerability has never been thinner. This week, we dive…
CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited
Bys sThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, noting that there is evidence of them being exploited in the wild. The vulnerabilities in question are listed below – CVE-2023-50224 (CVSS score: 6.5) – An authentication bypass by spoofing…