The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- UnitedHealth hid its Change Healthcare data breach notice for months
January 15, 2025
Change Healthcare, the UnitedHealth-owned health tech company that lost more than 100 million people’s sensitive health data in a ransomware attack last year, said on Tuesday that the company has “substantially” completed notifying affected individuals about the massive data breach. The February 2024 ransomware attack on Change Healthcare, one of the biggest processors of patient billing ...
- Multi-Vector DDoS Attacks: What They Are and How to Stay Protected
January 15, 2025
Multi-vector DDoS attacks have emerged as one of the biggest challenges in cybersecurity today. The number of such incidents has been growing significantly year over year. In this article, we’ll break down what multi-vector attacks are, how they work, and why they’re such a pressing threat. As DDoS attacks evolve, it becomes increasingly difficult to combat ...
- One Step Ahead in Cyber Hide-and-Seek: Automating Malicious Infrastructure Discovery With Graph Neural Networks
January 13, 2025
When launching and persisting attacks at scale, threat actors can inadvertently leave behind traces of information. They often reuse, rotate and share portions of their infrastructure when automating their campaign’s setup before launching an attack. Defenders can leverage this behavior by pivoting on a few known indicators to uncover newer infrastructure. This article describes the benefits ...
- Nominet confirms cybersecurity incident linked to Ivanti VPN hacks
January 13, 2025
Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability. In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident” under investigation. Nominet said hackers accessed its systems via “third-party VPN software ...
- Meet FunkSec: A New, Surprising Ransomware Group, Powered by AI
January 10, 2025
The FunkSec ransomware group emerged in late 2024 and published over 85 victims in December, surpassing every other ransomware group that month. FunkSec operators appear to use AI-assisted malware development, which can enable even inexperienced actors to quickly produce and refine advanced tools. The group’s activities straddle the line between hacktivism and cybercrime, complicating efforts to ...
- Millions of Vinted, Spotify and Tinder users’ data could be compromised in global hack
January 10, 2025
Millions of users of popular apps such as Vinted, Spotify, Candy Crush and Tinder may have had their sensitive location data stolen by an unknown hacker who has posted details on a Russian-language site popular with cyber-criminals. In what is being treated as a major international data breach, it is being reported that hackers have ...