Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job
Following on from our preview, here’s Ben Gelman and Sean Bergeron’s research on enhancing command line classification with benign anomalous data
Similar Posts
Google: Hackers target Salesforce accounts in data extortion attacks
Bys sBill Toulas reports: Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organizations’ Salesforce platforms. According to Google’s Threat Intelligence Group (GTIG), which tracks the threat cluster as ‘UNC6040,’ the attacks target English-speaking employees with voice phishing attacks to trick them into…
Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams
Bys sResearchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams. The post Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams appeared first on SecurityWeek.
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
Bys sSalesforce has warned of an increase in threat actor activity that’s aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of an open-source tool called AuraInspector. The activity, per the company, involves the exploitation of customers’ overly permissive Experience Cloud guest user configurations to obtain access to…
Plastic surgeons often store nude photos of patients with their identity information. When would we call that “negligent?”
Bys sClaims of “negligence” are often raised in lawsuits. DataBreaches is not a lawyer, of course, but wonders whether by now, we should consider a plastic surgeon “negligent” in their data security if they store nude photos of their patients with patient names and identity information in plain text and no strong encryption or suitable alternative…
Marietta also affected by BridgePay ransomware attack.
Bys sMarietta, Georgia is one of numerous entities affected by the BridgePay ransomware attack. On February 13, the city posted the following notice on its website: The City of Marietta is currently unable to process certain online credit card payments due to a recent service disruption by one of the City’s payment gateway providers. We are……
Aflac notifies SEC of breach suspected to be work of Scattered Spider
Bys sOn June 20, Aflac notified the SEC of unauthorized access to its network: On June 12, 2025, Aflac Incorporated, a Georgia corporation (the “Company”), identified unauthorized access to its network. The Company promptly initiated its cybersecurity incident response protocols and believes that it contained the intrusion within hours. The Company’s business remains operational, and its…