News

Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job

Bys s August 7, 2025

Following on from our preview, here’s Ben Gelman and Sean Bergeron’s research on enhancing command line classification with benign anomalous data

News

Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088
Bys s January 28, 2026

Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads. “Discovered and patched in July 2025, government-backed threat actors linked to Russia and China as well as financially motivated

Read More Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088
News

Hackers target schools, towns in alarming attacks. Why aren’t more using New Jersey’s MS-ISAC ybersecurity service?
Bys s March 23, 2026

If you’re asking, “What MS-ISAC service?”, you’re not alone. Brianna Kudisch reports: A nationwide data breach exposing millions of K-12 students’ information, including kids in Cranford and Millburn. […] In November 2025, New Jersey signed on as a statewide member of the Multi-State Information Sharing and Analysis Center. It pays $795,000 for its annual membership, according to……

Read More Hackers target schools, towns in alarming attacks. Why aren’t more using New Jersey’s MS-ISAC ybersecurity service?
News

New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP
Bys s August 10, 2025

A novel attack technique could be weaponized to rope thousands of public domain controllers (DCs) around the world to create a malicious botnet and use it to conduct power distributed denial-of-service (DDoS) attacks. The approach has been codenamed Win-DDoS by SafeBreach researchers Or Yair and Shahak Morag, who presented their findings at the DEF CON…

Read More New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP
News

OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers
Bys s April 4, 2025

A novice cybercrime actor has been observed leveraging the services of a Russian bulletproof hosting (BPH) provider called Proton66 to facilitate their operations. The findings come from DomainTools, which detected the activity after it discovered a phony website named cybersecureprotect[.]com hosted on Proton66 that masqueraded as an antivirus service. The threat intelligence firm said it

Read More OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers
News

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Bys s March 3, 2026

Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections. It’s advertised as a cybercrime platform by a threat group calling itself Jinkusu, granting customers access to a dashboard that lets them select a brand to impersonate or enter a brand’s real…

Read More Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
News

CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git
Bys s August 26, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws impacting Citrix Session Recording and Git to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2024-8068 (CVSS score: 5.1) – An improper privilege management vulnerability in Citrix Session Recording

Read More CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git

Similar Posts