Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job
Following on from our preview, here’s Ben Gelman and Sean Bergeron’s research on enhancing command line classification with benign anomalous data
Similar Posts
DHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes
Bys sThe United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on Iranian nuclear sites as part of the Iran–Israel war that commenced on June 13, 2025. Stating that the ongoing conflict has created a “heightened threat environment” in the country, the Department of Homeland Security (DHS) said in…
How Interlock Ransomware Infects Healthcare Organizations
Bys sThe Hacker News reports on Interlock: The Interlock ransomware group begins its attack with a strategic and highly deceptive method known as a Drive-by Compromise. This technique allows the group to gain initial access to targeted systems by exploiting unsuspecting users, often through carefully designed phishing websites. Initial Attack of the Ransomware# The attack starts…
How to Improve Okta Security in Four Steps
Bys sWhile Okta provides robust native security features, configuration drift, identity sprawl, and misconfigurations can provide opportunities for attackers to find their way in. This article covers four key ways to proactively secure Okta as part of your identity security efforts. Okta serves as the cornerstone of identity governance and security for organizations worldwide. However, this
Watchdog orders Lotte Card to compensate victims of hack
Bys sThe Korea JoongAng Daily reports: Financial regulators have ordered Lotte Card to set up a dedicated call center for victims of a recent hacking incident and to prepare procedures for full compensation in cases of any fraudulent card use. The order comes after a cyber breach was reported at the company with 9.65 million individual……
Behavioral Health Resources of Washington state updates its data breach disclosure
Bys sOn January 17, Behavioral Health Resources (“BHR”) notified the U.S. Department of Health and Human Services (HHS) of a reportable breach, but not yet having determined the number affected, they used “501” as a placeholder. They also published a preliminary notice on their website. That notice indicated that on or about November 20, 2024, they…
CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures
Bys sThe Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks carried out by a threat actor called UAC-0099 targeting government agencies, the defense forces, and enterprises of the defense-industrial complex in the country. The attacks, which leverage phishing emails as an initial compromise vector, are used to deliver malware families like MATCHBOIL,…