The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Microsoft fixes Windows zero-day exploited in ransomware attacks
March 14, 2023
Microsoft has patched another zero-day bug used by attackers to circumvent the Windows SmartScreen cloud-based anti-malware service and deploy Magniber ransomware payloads without raising any red flags. The attackers have been using malicious MSI files signed with a specially crafted Authenticode signature to exploit this security feature bypass vulnerability (tracked as CVE-2023-24880). Read more… Source: Bleeping Computer Related story: ...
- Cyprus: Land registry website problems due to ‘cyber attack’
March 12, 2023
After a “thorough evaluation of all data”, the land registry department on Sunday said the technical problem that saw it go offline since Wednesday was due to a “cyber attack” The department said that due to the nature of the problem and the size of the systems, they will be gradually restored, starting with the restoration ...
- “Massive” cyber attack crashes African Union’s system
March 11, 2023
Cyber attackers prey on the African Union (AU), resulting in the unscheduled suspension of its systems. The Reporter got a copy of an internal memo that said an attack on the AU data center started last week, making services and applications unavailable. Sources say that more than 200 corrupted devices have been found and are being ...
- What happens if you ‘cover up’ a ransomware infection? For Blackbaud, a $3m charge
March 10, 2023
Blackbaud has agreed to pay $3 million to settle charges that it made misleading disclosures about a 2020 ransomware infection in which crooks stole more than a million files on around 13,000 of the cloud software slinger’s customers. According to America’s financial watchdog, the SEC, Blackbaud will cough up the cash – without admitting or denying ...
- Canada: Cyber attack hits engineering giant with contracts for military bases, power plants
March 9, 2023
A Canadian engineering giant whose work involves critical military, power and transportation infrastructure across the country has been hit with a ransomware attack. Toronto-based Black & McDonald has so far refused to publicly comment on the cyberattack, while the Department of National Defence and other clients of the company have downplayed any impact or damage. Read more… Source: ...
- IceFire ransomware now encrypts both Linux and Windows systems
March 9, 2023
Threat actors linked to the IceFire ransomware operation now actively target Linux systems worldwide with a new dedicated encryptor. SentinelLabs security researchers found that the gang has breached the networks of several media and entertainment organizations around the world in recent weeks, starting mid-February, according to a report shared in advance with BleepingComputer. Read more… Source: Bleeping Computer