The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Europcar’s Alleged Data Breach Wasn’t Done Using AI, Experts Argue
February 2, 2024
French car rental company Europcar made headlines earlier this week following reports of an alleged data breach affecting nearly 50 million customers. Cyber security platform HackManac reported the incident on January 30th, noting that the stolen database containing usernames, passwords, full names, addresses, and several other user-identifying information had been listed for sale on a hacking ...
- Cloudflare blames previous Okta breach for November 2023 cyberattack
February 2, 2024
Cloudflare is laying the blame for the cyberattack it suffered late last year the after-effects of the critical Okta breach. The content delivery service provider has published a blog post detailing the cybersecurity incident it suffered on Thanksgiving Day 2023, noting that on November 23, 2023, a threat actor accessed the company’s self-hosted Atlassian server. Read more… Source: ...
- US imposes fresh sanctions over Iranian arms, cyber activity
February 2, 2024
The United States on Friday imposed sanctions targeting Iran’s ballistic missile and drone procurement programmes as well as officials it said were involved in hacking US infrastructure, as Washington looks to increase pressure on Tehran. The US Treasury Department said in a statement on Friday it had imposed sanctions on four Iran- and Hong Kong-based companies ...
- Ukraine says 2,000 computers of state firm were impacted in cyber attack
February 1, 2024
Ukraine’s state computer emergency response team CERT-UA said on Thursday around 2,000 computers had been affected in the recent cyber attack on an unnamed state-run company. “As part of the detailed study of the cyber threat, the obtained malware samples were examined, the peculiarities of the functioning of the infrastructure of control servers were established, and ...
- Volt Typhoon Actors Exploiting Insecure SOHO Routers
January 31, 2024
Threat actors—particularly the People’s Republic of China (PRC)—sponsored Volt Typhoon group—are compromising small office/home office (SOHO) routers by exploiting software defects that manufacturers must eliminate through secure software design and development. Specifically, Volt Typhoon actors are exploiting security defects in SOHO routers to use them as launching pads to further compromise U.S. critical infrastructure entities. CISA ...
- Czech cyber security agency reports record number of attacks in 2023
January 31, 2024
Czechia’s National Cyber and Security Information Agency says it registered a record number of cyber-attacks last year. The state organisation said on its website on Wednesday that it had recorded 262 such attacks in 2023, compared to 146 the previous year. The agency said the increase was mainly due to repeated waves of DDoS attacks led ...