The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Uber driver info stolen yet again: This time from law firm
April 4, 2023
Uber has had more of its internal data stolen from a third party that suffered a security breach. This time, the personal info of the app’s drivers was swiped by miscreants from the IT systems of law firm Genova Burns. In a letter to affected drivers, the lawyers said they had looked into the intrusion, and ...
- Malaysia: Confirming cyber-attack, Immigration D-G says data not compromised
April 4, 2023
The Immigration Department’s official website is expected to be restored and accessible to the public later today after remedial action to an earlier cyber-attack, said Datuk Ruslin Jusoh. The Immigration director-general said the department took the website offline earlier in order to perform repairs as well as implement new security measures. Read more… Source: MSN News
- Hackers attack several Israeli university websites
April 4, 2023
The sites of Tel Aviv University, Hebrew University of Jerusalem, Ben-Gurion University of the Negev, Haifa University, Weizmann Institute of Science, Open University of Israel and Reichman University were among the sites inaccessible due to the cyberattack. The group posted a statement on its Telegram account, listing the attacked websites. “Infrastructure: Universities – Israel’s education sector ...
- Western Digital suffers cyber attack, shuts down systems
April 3, 2023
The company said on 3 April that it identified a network security incident on 26 March. It confirmed that an unauthorised third party gained access to a number of the company’s systems. After realising it had been breached, Western Digital enacted its incident response protocols and hired external security and forensic experts. Read more… Source: IT Pro
- Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack
April 3, 2023
On March 29, Crowdstrike published a report about a supply chain attack conducted via 3CXDesktopApp, a popular VoIP program. Since then, the security community has started analyzing the attack and sharing their findings. The following has been discovered so far: The infection is spread via 3CXDesktopApp MSI installers. An installer for macOS has also been trojanized. The ...
- Unpacking the Structure of Modern Cybercrime Organizations
April 3, 2023
Trend Micro reearchers examine three differently sized criminal groups to know how they compare to similarly sized legitimate businesses in terms of how they are organized. Trend Micro also discuss how threat researchers can use their knowledge of the size and structure of a target criminal organization to aid their investigation. The last 20 years have ...