The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Many businesses don’t even know they’ve been hit by a security breach
July 19, 2023
Many businesses don’t know if they have suffered a data breach, and probably wouldn’t be able to spot such an event at all, due to the ever-expanding threat landscape, and notification fatigue among IT staff, new research has claimed. A report from cybersecurity experts Vectra AI surveying more than 2,000 IT security analysts found that nearly ...
- Estee Lauder says hacker obtained some data from its systems
July 19, 2023
Beauty products maker Estee Lauder said on Tuesday that a hacker had obtained some data from its systems, and the incident was expected to cause disruption to parts of the company’s operations. The firm said it is working to understand the nature and scope of that data that was stolen. Estee Lauder added that it had ...
- FIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus Ransomware
July 18, 2023
Symantec’s Threat Hunter Team, a part of Broadcom, recently observed the Syssphinx (aka FIN8) cyber-crime group deploying a variant of the Sardonic backdoor to deliver the Noberus ransomware. While analysis of the backdoor revealed it to be part of the Sardonic framework previously used by the group, and analyzed in a 2021 report from Bitdefender, it ...
- How Hackers Could Attack Electric Vehicle Chargers
July 18, 2023
With his electric Kia EV6 running low on power, Sky Malcolm pulled into a bank of fast-chargers near Terre Haute, Indiana, to plug in. As his car powered up, he peeked at nearby chargers. One in particular stood out. Instead of the businesslike welcome screen displayed on the other Electrify America units, this one featured a ...
- Fortescue Hit by Cyber Attack That Saw Network Data Disclosed
July 18, 2023
Fortescue Metals Group Ltd. said it had been subject to a cyber attack that resulted in “the disclosure of a small portion of data from our networks.” The world’s fourth-largest iron ore exporter described the attack as “a low impact cyber incident” that occurred on May 28. The information disclosed “was not confidential in nature,” the ...
- DDoS threat report for 2023 Q2
July 18, 2023
The second quarter of 2023 was characterized by thought-out, tailored and persistent waves of DDoS attack campaigns on various fronts, including: Multiple DDoS offensives orchestrated by pro-Russian hacktivist groups REvil, Killnet and Anonymous Sudan against Western interest websites. An increase in deliberately engineered and targeted DNS attacks alongside a 532% surge in DDoS attacks exploiting the Mitel ...