The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant, tasks to scale their operations. Drafting phishing lures, profiling targets, debugging code, generating forged documents, modifying malware, translating victim communications, and processing stolen data at scale were once time-consuming activities that AI has made significantly easier. AI does not replace cybercriminals; it lowers friction, increases speed, and expands the range of actors able to perform tasks that previously required more time, skill, or external support.
Read more…
Source: Rapid7 News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cyberattacks Put Russian Fingers on the Switch at Power Plants, U.S. Says
March 15, 2018
The Trump administration accused Russia on Thursday of engineering a series of cyberattacks that targeted American and European nuclear power plants and water and electric systems, and could have sabotaged or shut power plants off at will. United States officials and private security firms saw the attacks as a signal by Moscow that it could disrupt ...
- Hacking operation uses malicious Word documents to target aid organisations
March 5, 2018
A newly uncovered ‘nation-state level’ cyber espionage operation has targeted humanitarian aid organisations around the globe via the use of backdoors hidden within malicious Word documents. Dubbed Operation Honeybee based on the name of lure documents used during the attacks, the campaign has been discovered by security researchers at security company McAfee Labs after a new variant of ...
- Equifax hack just got worse for a lot more Americans
March 2, 2018
Equifax has confirmed more Americans are impacted by the cyberattack that targeted the credit rating giant last year than was first revealed. The company said in a statement Thursday that an ongoing analysis showed 2.4 million more Americans had their names and partial drivers’ license information stolen, but they were not previously thought to have been affected. The company ...
- Sophisticated RedDrop Malware Targets Android Phones
March 1, 2018
A sophisticated strain of mobile malware targeting Android devices can extract sensitive data and audio recordings, run up premium SMS charges and then tries to extort money from victims. According to security firm Wandera the malware, dubbed RedDrop, is being distributed inside 53 Android applications promoted on third-party app stores. Apps range from image editors, calculators, ...
- Australian universities and NGOs targeted by Iranian and Chinese hackers
February 27, 2018
Australian universities have been targeted by hackers with connections to Iran in recent months, and “a number of investigations” are in progress, according to cybersecurity firm CrowdStrike. “There are a lot of things that are happening geopolitically that are driving a lot of attacks,” the company’s vice president for technology strategy Michael Sentonas told journalists in ...
- Massive Malspam Campaign Targets Unpatched Systems
February 27, 2018
Cybercriminals are leveraging a recently patched critical Adobe Flash Player vulnerability in a massive spam campaign targeting unpatched computers. According to the research firm Morphisec, cybercriminals are blasting spam messages that urge recipients to click a link to download a Word document. And when a victim opens the document and enables macros, malware attempts to exploit an ...