The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- UK: Council worker took tens of thousands of email addresses in massive data breach
February 19, 2024
A massive data breach by a worker at Stratford-on-Avon District Council saw tens of thousands of email addresses taken. The breach, which happened in November last year, was over a database of email addresses given by residents, the authority said. The probe found that around 79,000 email addresses from the garden waste collection database were affected. ...
- Ransomware Attack Disrupts Over 100 Romanian Hospitals, Including Cancer and Pediatric Centers
February 19, 2024
A massive ransomware attack has disrupted operations in multiple Romanian hospitals after encrypting databases and files. It targeted the Hipocrate Information System (HIS), an integrated healthcare management system sold by Romanian Soft Company (RSC). A significant portion of the Romanian healthcare system, including pediatric and oncology centers, was impacted, forcing staff to resort to manual systems ...
- ALPHV ransomware says it was behind attacks on loanDepot, Prudential Financial
February 19, 2024
The infamous ALPHV ransomware operator (also known as BlackCat) has added two companies to its data leak site – Prudential Financial, and loanDepot, in a seeming admission it was behind the attacks on both companies. So far, the group has only added the names to its site, with the actual data not yet available. Apparently, the ...
- UK: Water group made loss in wake of cyber attack
February 19, 2024
The Walsall-headquartered integrated serviced group, which operates South Staffordshire Water and Cambridge Water, posted a pre-tax loss of £23.1 million for the year to the end of March from a £7.6m profit a year earlier. The losses was put down to the impact of rising costs including on energy and chemicals, higher than expected water production ...
- Why are ransomware gangs making so much money?
February 17, 2024
For many organizations and startups, 2023 was a rough year financially, with companies struggling to raise money and others making cuts to survive. Ransomware and extortion gangs, on the other hand, had a record-breaking year in earnings, if recent reports are anything to go by. It’s hardly surprising when you look at the state of the ...
- Alpha Ransomware Emerges From NetWalker Ashes
February 16, 2024
Alpha, a new ransomware that first appeared in February 2023 and stepped up its operations in recent weeks, has strong similarities to the long-defunct NetWalker ransomware, which disappeared in January 2021 following an international law enforcement operation. The NetWalker Connection Analysis of Alpha reveals significant similarities with the old NetWalker ransomware. Both threats use a similar ...