The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CISA and Partners Update the #StopRansomware Guide
May 23, 2023
Today, CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware Guide, as ransomware actors have accelerated their tactics and techniques since its initial release in 2020. The update incorporates lessons learned from the past two years and ...
- Apria Healthcare says potentially 2M people caught up in IT security breach
May 23, 2023
Personal and financial data describing almost 1.9 million Apria Healthcare patients and employees may have been accessed by crooks who breached the company’s networks over a series of months in 2019 and 2021. The home healthcare equipment provider, which says it serves about two million patients from 280 locations across America, said it discovered the intrusion ...
- Dish confirms 300,000 people’s data was exposed in February’s attack
May 23, 2023
Dish Network has admitted that a February cybersecurity incident and associated multi-day outage led to the extraction of data on nearly 300,000 people, while also appearing to indirectly admit it may have paid cybercriminals to delete said data. Dish customers can rest easy, at the very least, as the company said in a sample letter posted ...
- Dorchester school IT system held to ransom in cyber attack
May 23, 2023
A school has been left unable to use email or accept payments following a cyber attack. Thomas Hardye School in Dorchester said its screens and systems had been locked since being targeted on Sunday. It said the attack was accompanied by a ransom demand, payable on the dark web. Read more… Source: BBC News
- Don’t @ Me: URL Obfuscation Through Schema Abuse
May 22, 2023
A technique is being used in the distribution of multiple families of malware that obfuscates the end destination of a URL by abusing the URL schema. Mandiant tracks this adversary methodology as “URL Schema Obfuscation”. The technique could increase the likelihood of a successful phishing attack, and could cause domain extraction errors in logging or security ...
- Cyber Signals: Shifting tactics fuel surge in business email compromise
May 19, 2023
Today Microsoft released the fourth edition of Cyber Signals highlighting a surge in cybercriminal activity around business email compromise (BEC). Microsoft has observed a 38 percent increase in cybercrime as a service (CaaS) targeting business email between 2019 and 2022. Successful BEC attacks cost organizations hundreds of millions of dollars annually. In 2022, the FBI’s Recovery ...