The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- As cyber criminals start targeting retail, companies must be ready to fight back
December 20, 2022
Given the current geopolitical situation, it’s easy to conflate cybersecurity with the war in Ukraine and bad actors overseas. Historically, cyber-attacks have traditionally been associated with nation states and hacktivists conducting high-profile attacks on high-profile targets to wreak havoc, make headlines, and draw attention to their cause. However, the current cyber-security landscape is far murkier ...
- XLLing in Excel – threat actors using malicious add-ins
December 20, 2022
For decades, Microsoft Office applications have served as one of the most significant entry points for malicious code. Malicious actors have continued to utilize Visual Basic for Applications (VBA) macros, despite automatic warnings to users after opening Office documents containing code. In addition to VBA macros, malicious actors, from cybercrime actors to state-sponsored groups, also exploited ...
- Play ransomware claims attack on German hotel chain H-Hotels
December 19, 2022
The Play ransomware gang has claimed responsibility for a cyber attack on H-Hotels (h-hotels.com) that has resulted in communication outages for the company. H-Hotels is a hospitality business with 60 hotels in 50 locations across Germany, Austria, and Switzerland, offering a total capacity of 9,600 rooms. The hotel chain employs 2,500 people and is one of the ...
- Ukraine’s DELTA military system users targeted by info-stealing malware
December 19, 2022
A compromised Ukrainian Ministry of Defense email account was found sending phishing emails and instant messages to users of the ‘DELTA’ situational awareness program to infect systems with information-stealing malware. The campaign was highlighted in a report today by CERT-UA (Computer Emergency Response Team of Ukraine), which warned Ukrainian military personnel of the malware attack. DELTA is ...
- Antwerp cyber attacks: Mayor says city will not negotiate or pay
December 18, 2022
For over a week, the services of the city of Antwerp have been targeted by a nefarious hacking collective called Play, which alleges to have stolen sensitive data that it will publish if the city fails to pay a ransom by Monday. After a week of administrative services – including libraries, museum booking sites, and council ...
- Restaurant CRM platform ‘SevenRooms’ confirms breach after data for sale
December 18, 2022
Restaurant customer management platform SevenRooms has confirmed it suffered a data breach after a threat actor began selling stolen data on a hacking forum. SevenRooms is a restaurant customer relationship management (CRM) platform used by international restaurant chains and hospitality service providers, such as MGM Resorts, Bloomin’ Brands, Mandarin Oriental, Wolfgang Puck, and many more. On December ...