The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- UK: TfL still affected by ‘ongoing cyber incident’
September 6, 2024
Transport for London (TfL) has restricted its online services as its computer systems continue to be affected by a cyber attack. The organisation said it took action including limiting access to some live travel information services via apps and its website, and preventing passengers from viewing their journey history for trips paid for by contactless cards. ...
- Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure
September 5, 2024
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm ...
- Tropic Trooper spies on government entities in the Middle East
September 5, 2024
Tropic Trooper (also known as KeyBoy and Pirate Panda) is an APT group active since 2011. This group has traditionally targeted sectors such as government, healthcare, transportation and high-tech industries in Taiwan, the Philippines and Hong Kong. Kaspersky recent investigation has revealed that in 2024 they conducted persistent campaigns targeting a government entity in the Middle ...
- Victoria: Simmering anger from firies over cyber attack details
September 5, 2024
Two years on from a cyber attack firefighters say their systems are not fully restored and they still do not know if their information was leaked. Victoria’s fire service says it continues to update the workforce about a cyber attack, but the firefighting union is fuming, saying it is still in the dark over the incident ...
- Mallox ransomware: in-depth analysis and evolution
September 4, 2024
Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide. In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released ...
- Planned Parenthood confirms cyber-attack as RansomHub threatens to leak data
September 4, 2024
Planned Parenthood of Montana’s chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law enforcement and infosec professionals to help investigate and rebuild its IT environment. This comes as ransomware crew RansomHub boasted it had broken into the nonprofit, and stolen its data, which it is threatening ...