The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- UK: Cyber security breaches survey 2024
April 9, 2024
Cyber security breaches and attacks remain a common threat. Half of businesses (50%) and around a third of charities (32%) report having experienced some form of cyber security breach or attack in the last 12 months. This is much higher for medium businesses (70%), large businesses (74%) and high-income charities with £500,000 or more in annual ...
- Cybercrime on agriculture operations and businesses is on the rise
April 9, 2024
When it comes to cyberattacks, ransomware and electronic fraud, farms and ranches are attracting the interest of hackers because they see these agriculture operations as potentially lucrative targets that may not have up-to-date fraud protection tools in place. Cathy Lennon, general manager of the Ontario Federation of Agriculture, says every point along the agrifood chain has ...
- NHS board warns patients of further data leak after cyber attack
April 9, 2024
An NHS board has warned patients that further personal information could be leaked by cyber criminals who stole medical data in a major cyber attack. A large amount of confidential data was taken from NHS Dumfries and Galloway during a sustained hacking attack. Last week, INC Ransom, an extortion operation, posted a message on its dark ...
- ScrubCrypt Deploys VenomRAT with an Arsenal of Plugins
April 8, 2024
Last year, FortiGuard Labs uncovered the 8220 Gang’s utilization of ScrubCrypt to launch attacks targeting exploitable Oracle WebLogic Servers. ScrubCrypt has been described as an “antivirus evasion tool” that converts executables into undetectable batch files. It offers several options to manipulate malware, making it more challenging for antivirus products to detect. FortiGuard Labs recently discovered a ...
- Vet firm CVS hit by cyber-attack
April 8, 2024
Vet group CVS says it has been hit by a cyber-attack which has caused “considerable” disruption, particularly to its UK business. CVS, which runs about 500 veterinary practices globally and employs more than 9,000 people, said it had taken immediate action and its IT services had now been “securely restored” across most of the group. Read more… Source: ...
- Evolving Threat Landscape: A Deep Dive into Multichannel Attacks Targeting Retailers
April 8, 2024
Threat actors no longer operate in silos. Today, they use multiple channels such as SMS, email, fake web pages, and compromised cloud accounts. They use these various channels to establish persistence and compromise identities so that they can elevate privileges and move laterally. Proofpoint Threat Research recently observed campaigns in which threat actors used multichannel attacks ...