The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Angela Merkel’s personal details leaked on Twitter
January 4, 2019
An unknown hacker has released confidential data linked to the German Chancellor Angela Merkel and hundreds of the country’s other politicians. The stolen details were released on Twitter over the past few weeks in a sort of Advent Calendar and included bills and credit card information, phone numbers, email addresses, photo identification and personal chat histories. The Twitter ...
- Phishing template uses fake fonts to decode content and evade detection
January 3, 2019
Proofpoint researchers recently observed a phishing kit with peculiar encoding utilized in a credential harvesting scheme impersonating a major retail bank. While encoded source code and various obfuscation mechanisms have been well documented in phishing kits, this technique appears to be unique for the time being in its use of web fonts to implement the encoding. When the ...
- Newsmaker Interview: Bruce Schneier on Physical Cyber Threats
January 2, 2019
Bruce Schneier discusses the clash between critical infrastructure and cyber threats. Attacks on physical devices and infrastructure offer a new target for cyber crime, a new opportunity for espionage and even a few front in cyber war. Rather than exploit computers and their applications, the Internet of Things allows malicious actors to go after a whole new ...
- Cyber-attack disrupts printing of major US newspapers
December 30, 2018
A cyber-attack has caused printing and delivery disruptions to major US newspapers, including the Los Angeles Times, the Chicago Tribune and the Baltimore Sun. The attack on Saturday appeared to originate outside the United States, the Los Angeles Times reported. It led to distribution delays in the Saturday edition of the Times, the Tribune, the Sun and other ...
- Stolen UK identities selling for as little as £10 on the dark web
December 26, 2018
Stolen personal data of UK citizens is selling for as little as £10 on the dark web, offering hackers all the information needed to carry out online fraud and identity theft, The Independent has discovered. So-called fullz – hacker slang meaning a “full ID” package – of UK citizens are being listed on several popular online black markets. A full ID ...
- URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader
December 18, 2018
As ransomware and banking trojans captured the interest – and profits – of the world with their destructive routines, cybersecurity practitioners have repeatedly published online and offline how cybercriminals have compartmentalized their schemes through exchange of information and banded professional organizations. As a more concrete proof of the way these symbiotic relationships and work flows intersect, we discovered a connection between EMOTET, URSNIF, DRIDEX and BitPaymer from open source information and ...