The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Education, Health Sectors Facing Challenges as Nigeria Records 586,130 Cyber Threats in 6 Months
September 14, 2024
Between January and June 2024, a staggering 586,130 cyber threats were launched against Nigeria, especially the financial institutions and telecoms companies, with other sectors also facing specific challenges. According to the report, various industries face unique cybersecurity challenges. The education sector grappled with maintaining security amidst digital transformation. The healthcare industry struggled to balance handling sensitive ...
- I stole 20 GB of data from Capgemini – and now I’m leaking it, says cybercrook
September 13, 2024
A miscreant claims to have broken into Capgemini and leaked a large amount of sensitive data stolen from the technology services giant – including source code, credentials, and T-Mobile’s virtual machine logs. The French multinational IT and consulting firm did not immediately respond to The Register’s request for comment, and has yet to formally confirm or ...
- Fortinet confirms data breach after allegedly refusing to pay ransom
September 13, 2024
In an announcement posted on Fortinet’s website, the company said that someone gained access to a “limited number of files” stored on its instance of an unnamed third-party cloud-based shared file drive. The files included “limited data related to a small number of Fortinet customers,” the announcement added, stating that this affects less than 0.3% of ...
- Teenager arrested following cyber attack on Transport for London
September 13, 2024
A 17-year-old boy has been arrested following a cyber attack on Transport for London. Hackers may have accessed the bank details and home addresses of at least 5,000 customers, TfL admitted on Thursday. The Information Commissioner has been informed. National Crime Agency officers said they had arrested a teenager from Walsall, in the West Midlands, on ...
- Scammers advertise fake AppleCare+ service via GitHub repos
September 12, 2024
Malwarebytes Labs researchers uncovered a malicious campaign going after Mac users looking for support or extended warranty from Apple via the AppleCare+ support plans. The perpetrators are buying Google ads to lure in their victims and redirect them to bogus pages hosted on GitHub, the developer and code repository platform owned by Microsoft. The goal of ...
- BT spots 2,000 potential attacks on its network a second
September 12, 2024
Britain’s BT said it was spotting 2,000 signals of potential cyber-attacks across its network every second, as criminals were increasingly using disposable “bots” to try to evade existing blocking and security measures. The telecoms group said on Thursday that digital surveillance activity by hackers using malicious scanning “bots” was 1,200% higher in July compared to the ...