The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- JG Summit Holdings probing ‘possible’ cyber attack
August 9, 2024
Gokongwei-led conglomerate JG Summit Holdings Inc. is investigating an alleged cybersecurity attack which was claimed to have affected thousands of the company’s computers. RansomHub, which was supposedly responsible for the attack, expressed frustration over being ignored by JG Summit and was threatening to initiate additional attacks if its demands were not met, according to Deep Web ...
- Royal Ransomware Actors Rebrand as “BlackSuit”
August 8, 2024
The FBI and CISA recently published an update to the joint Cybersecurity Advisory “#StopRansomware: Royal Ransomware.” The updated advisory provides network defenders with recent and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with BlackSuit variants (previously Royal). FBI investigations identified these TTPs and IOCs as recently as July 2024. See ...
- Russia: Massive DDoS attack on Kursk Region repelled
August 8, 2024
The Ministry of Digital Development, Communications and Mass Media of the Russian Federation has reported that a massive distributed denial-of-service (DDoS) attack on the Kursk Region’s local services has been successfully thwarted. “A massive DDoS attack on the regional services of the Kursk Region has been repelled and specialists have already restored all online activity,” the ...
- Greece leaves spy services unchecked on Predator hacks
August 7, 2024
Greece’s 2022 espionage scandal dubbed “Predatorgate” had everything: eavesdropping on politicians, journalists and judges, exports of shady software to dictatorial regimes and high-profile resignations. Fast-forward two years and everyone in government is off the hook. In a 300-page report seen by POLITICO, deputy prosecutor of the Supreme Court Achilles Zisis argued that a series of controversial ...
- Cloud Cover: How Malicious Actors Are Leveraging Cloud Services
August 7, 2024
The number of threat actors leveraging legitimate cloud services in their attacks has grown this year as attackers have begun to realize their potential to provide low-key and low-cost infrastructure. Traffic to and from well known, trusted services such as Microsoft OneDrive or Google Drive may be less likely to raise red flags than communications with ...
- UK: Port of Tyne website hit by cyber attack
August 7, 2024
A port has fallen victim to cyber attackers who targeted its website. The Port of Tyne confirmed its site was down for some time on Tuesday following a distributed denial of service (DDOS) attack, which attempts to overload a website to make it hard to use or inaccessible. A spokesman for the port said operational systems, ...