The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- A Windows filetype update may have complicated cyber threat detection efforts
January 4, 2025
The use of archive files as malware delivery mechanisms is evolving, presenting challenges for Secure Email Gateways (SEGs), new research has claimed. A recent report by Cofense highlights how cybercriminals exploit various archive formats to bypass security protocols, particularly following a significant update to Windows in late 2023. Traditionally, .zip files have been the most common ...
- Top AI Trends from 2024 – A Look Back
January 3, 2025
2024 may go down as the year AI stopped being a technological novelty and became—more consequentially—a Fact of Life. Big names like Microsoft, Salesforce, and Intuit built AI into mainstream enterprise solutions; specialized AI apps and services sprung up for everything from copywriting to data analysis; and governments, think tanks, and regulators poured effort into ...
- Nigeria, South Africa, Algeria top targets for cyber attacks in 2024
January 1, 2025
In the first half of 2024, Nigeria saw 2,721 incidents, with the telecom sector, computer services sector, Data processing and hosting companies, and even local beauty salons having a fair dose of the attacks respectively. At the time, experts attributed the rise in cyberattacks to digital transformation initiatives the country was carrying out such as adoption ...
- Thomas Cook India website goes down after cyberattack
January 1, 2025
Thomas Cook India has announced that its IT infrastructure is under a cyberattack. The travel services provider also said it’s working with security experts to investigate the incident and will take necessary remedial actions. The company stated that it promptly took steps to investigate and respond upon discovering the incident, including shutting down affected systems. The company’s ...
- Catching “EC2 Grouper”- no indicators required!
December 30, 2024
Through the years of analyzing identity compromises in the cloud, Fortinet researchers have seen the same attackers pop up regularly, some more frequently than others. Among the more prolific ones they’ve come to know is one they’ve dubbed “EC2 Grouper”. Over the past couple of years, they’ve seen this actor in several dozen customer environments, ...
- U.S. Treasury Department Says Systems Hacked by China-Backed Actor
December 30, 2024
The Treasury Department told lawmakers Monday that a state-sponsored actor in China hacked its systems, accessing several user workstations and certain unclassified documents. The treasury was informed on Dec. 8 by a third-party software service provider, BeyondTrust, that a threat actor used a stolen key to remotely access certain workstations and unclassified documents, according to a ...