The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Greece Orders Probe into Exam System Cyber-Attacks
May 31, 2023
Greece’s Supreme Court launched on Tuesday an urgent investigation into the cyber-attacks targeting the Greek high school exams that were interrupted two days running. Following a second cyber-attack on the data bank providing the exam questions, Supreme Court Public Prosecutor Isidoros Dogiakos ordered an investigation with the assistance of the Hellenic Police Cyber Crime Unit. Read more… Source: ...
- Capita cyber-attack: 90 organisations report data breaches
May 30, 2023
About 90 organisations have reported breaches of personal information held by Capita after the outsourcing group suffered a cyber-attack, Britain’s data watchdog has said. The company, which runs crucial services for local councils, the military and the NHS, experienced the hack, which caused a significant IT outage, in March. Read more… Source: The Guardian
- MCNA Dental data breach impacts 8.9 million people after ransomware attack
May 29, 2023
Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised. MCNA Dental is one of the largest government-sponsored (Medicaid and CHIP) dental care and oral health insurance providers in the U.S. Read more… Source: Bleeping Computer
- New York county still dealing with ransomware eight months after attack
May 29, 2023
The fallout from an eight-month-old cyber attack on a county in Long Island, New York has devolved into mud-slinging as leaders try to figure out just what is going on. Suffolk County was hit with a ransomware attack in early September 2022, which led county executive Steve Bellone to issue nine separate emergency declarations, Long ...
- Lazarus hackers target Windows IIS web servers for initial access
May 29, 2023
The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services (IIS) web servers to gain initial access to corporate networks. Lazarus is primarily financially motivated, with many analysts believing that the hackers’ malicious activities help fund North Korea’s weapons development programs. However, the group has also been ...
- Senegalese government websites hit with cyber attack
May 27, 2023
A group of hackers called Mysterious Team made multiple Senegalese government websites go offline overnight on Friday by hitting them with denial-of-service (DDoS) attacks, a government spokesperson said. The group claimed responsibility for the cyber attacks in a series of Twitter posts using the hashtag #FreeSenegal used by campaigners alleging political repression in Senegal. Read more… Source: Reuters