The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cloudflare blocks record-breaking 71 million RPS DDoS attack
February 13, 2023
This weekend, Cloudflare blocked what it describes as the largest volumetric distributed denial-of-service (DDoS) attack to date. The attacks were launched using over 30,000 IP addresses from multiple cloud providers against various targets, including gaming providers, cloud computing platforms, cryptocurrency firms, and hosting providers. Read more… Source: Bleeping Computer
- Play Ransomware lists A10 Networks on its leak site
February 11, 2023
The Play ransomware group listed networking firm A10 Networks in its leak site, after briefly gaining access to its IT infrastructure, according to data breach notifications firm BetterCyber. BetterCyber notes that the leak site claims the group has “private and personal confidential data, a lot of technical documentation, agreements, employee and client documents.” Read more… Source: GovInfoSecurity
- Ransomware crooks steal 3m+ patients’ medical records, personal info
February 11, 2023
Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December. According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, ...
- #StopRansomware – Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities
February 10, 2023
CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and Republic of Korea’s Defense Security Agency and National Intelligence Service have released a joint Cybersecurity Advisory (CSA), Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities, to provide information on ransomware activity used by North ...
- City of Oakland systems offline after ransomware attack
February 10, 2023
The City of Oakland was hit by a ransomware attack on Wednesday night that forced it to take all systems offline until the network is secured and affected services are brought back online. The attack has not affected core services, with the City saying that 911 dispatch and fire and emergency resources are all working as ...
- PayPal and Twitter abused in Turkey relief donation scams
February 9, 2023
Scammers are now exploiting the ongoing humanitarian crisis in Turkey and Syria: this time stealing donations by abusing legitimate platforms like PayPal and Twitter. This week, high magnitude earthquakes claimed more than 15,000 lives, caused extensive infrastructural damage and disrupted network connectivity across the Middle East and Mediterranean region. Read more… Source: Bleeping Computer