Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job
Following on from our preview, here’s Ben Gelman and Sean Bergeron’s research on enhancing command line classification with benign anomalous data
Similar Posts
Company that sells software for monitoring sex offenders, terrorists, and hackers was hacked
Bys sMikael Thalen reports: A company that sells spyware that monitors individuals on parole and probation had its data leaked to a cybercrime forum this week. The leak, according to an analysis by Straight Arrow News, exposed highly sensitive information regarding employees of the corrections system and those under court-ordered supervision. The affected company, RemoteCOM, describes itself……
New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records
Bys sCybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands. DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the related activity under the moniker Morphing Meerkat….
Conversation with a “Nam3L3ss” Watchdog, Part 1: Background
Bys sThis is a multi-part interview with the individual known as “Nam3L3ss” who leaked more than 100 databases on a popular hacking forum and will soon be leaking many more. Read the Preface. In this part, we talk about his background and what motivated him to do what he does. In Part 2, we talk about…
South Korea considers updates to data and cyber laws
Bys sCharmian Aw, Paul Otto, and Ciara O’Leary of Hogan Lovells write: Recent large‑scale data breaches across major sectors in Korea, including across the telecommunications, retail, and finance sector, have prompted swift and coordinated response from lawmakers and regulators. The National Assembly and relevant government agencies are advancing legislative amendments and updating regulatory measures to strengthen……
CISO’s Guide To Web Privacy Validation And Why It’s Important
Bys sAre your web privacy controls protecting your users, or just a box-ticking exercise? This CISO’s guide provides a practical roadmap for continuous web privacy validation that’s aligned with real-world practices. – Download the full guide here. Web Privacy: From Legal Requirement to Business Essential As regulators ramp up enforcement and users grow more privacy-aware, CISOs…
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
Bys sCybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code. “This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent