Blog - Cyber Security Informer

Researchers warn AI-generated phishing attacks are becoming more convincing

Graham Cluley

JANUARY 12, 2023

That's a takeaway from a series of experiments undertaken using GPT-3 AI text-generating interfaces to create malicious messages designed to spear-phish, scam, harrass, and spread fake news. Read more in my article on the Tripwire State of Security blog.

Phishing

Phishing Scams

There’s Something Phishy About Generative AI

Heimadal Security

MARCH 7, 2024

The rise of GenAI (Generative AI) gives leeway to malicious content creators with 80% of all phishing campaigns discovered in the wild being generated by AI tools such as ChatGPT or similar. In this article, we are going to explore the latest phishing techniques that capitalize on GenAI.

Phishing

CIO in the Age of AI: A Title Under Threat?

SecureWorld News

NOVEMBER 30, 2023

With the advent of artificial intelligence (AI), machine learning (ML), and generative AI, questions have arisen regarding the continued relevance of the CIO title and whether it accurately reflects the evolving nature of the job. The moral of the story is that we should organize for function not title."

CISO

CISO Artificial Intelligence Phishing Cybersecurity

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Tackling Cyber Threats: Is AI Cybersecurity Our Only Hope?

Jane Frankland

MAY 8, 2024

Could artificial intelligence (AI) be the key to outsmarting cyber threats in an increasingly connected world? These are questions I’ve been asking myself recently as AI and cybercrime have become hot topics in the tech industry, and for world leaders. This is where AI comes in as a potential game-changer.

Cyber threats

Cyber threats Cybersecurity Artificial Intelligence CISO

April’s Patch Tuesday Brings Record Number of Fixes

Krebs on Security

APRIL 9, 2024

Another interesting bug McCarthy pointed to is CVE-2024-29063 , which involves hard-coded credentials in Azure’s search backend infrastructure that could be gleaned by taking advantage of Azure AI search. “Microsoft has updated their backend and notified any customers who have been affected by the credential leakage.”

DNS

DNS Social Engineering Malware Media

Chat GPT and Nation-State Attackers: A New Era of AI-generated Attacks

Security Boulevard

MARCH 5, 2024

A new report from Microsoft and Open AI shows how attackers are increasingly using artificial intelligence (AI) to improve their cyberattacks. The report found that nation-backed groups use LLMs for research, scripting, and phishing emails.

Artificial Intelligence

Artificial Intelligence Phishing Cyber Attacks Cybersecurity

Black Hat AI Tools Fuel Rise in Business Email Compromise (BEC) Attacks

eSecurity Planet

JULY 13, 2023

ChatGPT and other generative AI tools have been used by cybercriminals to create convincing spoofing emails, resulting in a dramatic rise in business email compromise (BEC) attacks. They found a tool called WormGPT “through a prominent online forum that’s often associated with cybercrime,” Kelley wrote in a blog post.

Cybercrime

Cybercrime Phishing Marketing System Administration

Key Insights from the OpenText 2024 Threat Perspective

Webroot

MAY 6, 2024

The uptick is primarily attributed to attackers leveraging advanced tools like generative artificial intelligence (AI), which helps them craft malware that’s more sophisticated and adaptive. Educate yourself on common phishing tactics and train employees to recognize fraudulent emails.

Antivirus

Antivirus Education Cyber threats Phishing

How Generative AI Will Remake Cybersecurity

eSecurity Planet

MAY 30, 2023

The software giant built the technology on cutting-edge generative AI – such as large language models (LLMs) – that power applications like ChatGPT. In a blog post , Microsoft boasted that the Security Copilot was the “first security product to enable defenders to move at the speed and scale of AI.” million job openings.

Cybersecurity

Cybersecurity Technology Unstructured Data Software

The Security Challenges of Generative AI Tools: Can a Loose Prompt Sink Your Ship?

Thales Cloud Protection & Licensing

APRIL 4, 2023

The Security Challenges of Generative AI Tools: Can a Loose Prompt Sink Your Ship? Fast forward to 2023, and this adage finds new meaning in the context of generative AI tools, like OpenAI ChatGPT, Google Bard, and Microsoft Copilot. What are generative AI tools? The message was, “Loose lips sink ships."

Phishing

Phishing Technology Risk Social Engineering

BlackMamba PoC Malware Uses AI to Avoid Detection

eSecurity Planet

MARCH 10, 2023

HYAS researchers recently developed proof-of-concept (PoC) malware that leverages AI both to eliminate the need for command and control (C2) infrastructure and to generate new malware on the fly in order to evade detection algorithms. Read next: AI Coding: A Security Problem?

Malware

Malware Antivirus Firmware Mobile

GUEST ESSAY: Marshaling automated cybersecurity tools to defend automated attacks

The Last Watchdog

MARCH 17, 2022

Cybersecurity tools evolve towards leveraging machine learning (ML) and artificial intelligence (AI) at ever deeper levels, and that’s of course a good thing. However, we often see results that feel cookie cutter and counter-productive, raising the question: can AI really do as good of a job as a human?

Cybersecurity

Cybersecurity Scams Artificial Intelligence Software

New AI Threats Emerge as FraudGPT Creator Unleashes DarkBERT and DarkBART

eSecurity Planet

AUGUST 3, 2023

New AI-powered cybercrime tools suggest that the capability of AI hacking tools may be evolving rapidly. The creator of FraudGPT, and potentially also WormGPT , is actively developing the next generation of cybercrime chatbots with much more advanced capabilities.

Social Engineering

Social Engineering Cybercrime Engineering Cybersecurity

The Rise of AI Social Engineering Scams

Identity IQ

JUNE 1, 2023

The Rise of AI Social Engineering Scams IdentityIQ In today’s digital age, social engineering scams have become an increasingly prevalent threat. However, the emergence of artificial intelligence (AI) has taken these scams to a whole new level. Phishing attacks. Spear phishing attacks.

Social Engineering

Social Engineering Scams Engineering Identity Theft

Security Roundup May 2024

BH Consulting

MAY 15, 2024

This category is where the user unwittingly causes a breach by making a mistake or falling for a phishing email. Security Week highlighted an encouraging development that growing numbers of users are getting better at spotting phishing. Links we liked Trend Micro has a hype-free look at how criminals are using generative AI.

Data breaches

Data breaches Phishing Ransomware Data privacy

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

The Last Watchdog

OCTOBER 5, 2023

Here is Erin’s Q&A column, which originally went live on OneRep’s well-done blog.) For the first expert interview on our blog, we welcomed Pulitzer-winning investigative reporter Byron V. Byron: To detect deep fakes, organizations can use digital watermarking, AI-driven detection tools, and media provenance tracking.

Cyber threats

Cyber threats Cyber Insurance Cybersecurity Threat Detection

Malicious ad served inside Bing's AI chatbot

Malwarebytes

SEPTEMBER 27, 2023

In February 2023, Microsoft disclosed its new AI-assisted search engine, Bing Chat, powered by OpenAI's GPT-4. Even though Google has been dominating the search industry for years, this event was significant enough to generate not only interest but also plant the seed for a possible change in the balance in the future.

Malware

Malware Software Advertising Engineering

LinkedIn introduces new security features to combat fake accounts

Malwarebytes

NOVEMBER 1, 2022

For years, it has been aware of spam, fake job offers, phishing, fraudulent investments, and (at times) malware, and has been trying to combat those issues. LinkedIn's deep-learning tech looks for subtle image artifacts, which may be invisible to the naked eye, associated with images created using AI. Source: LinkedIn).

Accountability

Accountability Cryptocurrency Education Technology

Q&A: How cybersecurity has become a primal battleground for AI one-upsmanship

The Last Watchdog

MARCH 29, 2019

That brings us to today, where AV vendors and malware distributors are engaged in a 3D chess match — infused by artificial intelligence, or AI. I recently visited with Rajarshi Gupta, head of AI at Avast, who gave me a breakdown of how threat actors, today, are leveraging AI to support their malicious activities.

Artificial Intelligence

Artificial Intelligence Cybersecurity Malware Antivirus

LRQA Nettitude’s Approach to Artificial Intelligence

LRQA Nettitude Labs

JULY 5, 2023

The exploding popularity of AI and its proliferation within the media has led to a rush to integrate this incredibly powerful technology into all sorts of different applications. Current Regulations Initial investigation shows the challenges that organisations will face in regulating the use of AI.

Artificial Intelligence

Artificial Intelligence Data privacy Social Engineering Risk

9 tips to protect your family against identity theft and credit and bank fraud

Webroot

FEBRUARY 15, 2024

Instead, use a password manager to easily generate and use strong passwords without having to recall them all. Be wary of phishing scams Many criminals will send emails or text messages that appear to be from a legitimate source, like your bank or credit card company.

Identity Theft

Identity Theft Banking Scams Passwords

Meet Exotic Lily, access broker for ransomware and other malware peddlers

Malwarebytes

MARCH 18, 2022

From the TAG blog we can learn that Exotic Lily was very much specialized. Microsoft also posted a blog about attacks that exploited this vulnerability. These personas would come including social media profiles, personal websites, and AI generated profile pictures. Exotic Lily. Their initial attack vector was email.

Ransomware

Ransomware Malware Social Engineering Media

Cybersecurity Industry News Review – March 28, 2023

CyberSecurity Insiders

MARCH 28, 2023

The Cyber Action Plan is an online tool which allows small businesses, as well as individuals and families, to answer a series of questions and generate a tailored action plan. DDoS attacks were 16% of the total, while phishing and supply-chain attacks were each involved in 10% of attacks.

Cybersecurity

Cybersecurity Small Business Backups Artificial Intelligence

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

The Last Watchdog

JULY 30, 2018

The painful impact of cyber attacks on businesses is worsening despite advances in technology aimed at protecting enterprises from malicious network traffic, insider threats, malware, denial of service attacks and phishing campaigns. This has left many CISOs questioning if today’s incumbent cybersecurity solutions are enough.

CISO

CISO Cyber Attacks Data collection Cybersecurity

Story of the year: the impact of AI on cybersecurity

SecureList

DECEMBER 11, 2023

In the whirlwind of technological advancements and societal transformations, the term “AI” has undoubtedly etched itself into the forefront of global discourse. The same survey states that 79% of respondents across all job titles are exposed to generative AI either at work or at home.

Cybersecurity

Cybersecurity Artificial Intelligence Technology Risk

GUEST ESSAY: How humans and machines can be melded to thwart email-borne targeted attacks

The Last Watchdog

NOVEMBER 13, 2022

Phishing emails continue to plague organizations and their users. No matter how many staff training sessions and security tools IT throws at the phishing problem, a certain percentage of users continues to click on their malicious links and attachments or approve their bogus payment requests. Leveraging AI/ML.

Phishing

Phishing Social Engineering Internet Internet

HYAS Protection for growing businesses

Security Boulevard

JUNE 22, 2023

Comprehensive Protective DNS security solutions such as HYAS Protect detects and blocks command and control (C2) communication used by malware, ransomware, phishing, and supply chain attacks. Luckily, you can deploy one solution to defend against a broad range of DNS-based threats.

DNS

DNS Small Business Cyber Attacks Antivirus

Attacks against machine learning — an overview

Elie

MAY 30, 2018

This blog post survey the attacks techniques that target AI (artificial intelligence) systems and how to protect against them. This post is the fourth, and last, post in a series of four dedicated to providing a concise overview of how to use AI to build robust anti-abuse protections. first post. second post. slides here.

Accountability

Accountability Artificial Intelligence Engineering Retail

Attacks against machine learning — an overview

Elie

MAY 30, 2018

This blog post survey the attacks techniques that target AI (artificial intelligence) systems and how to protect against them. This post is the fourth, and last, post in a series of four dedicated to providing a concise overview of how to use AI to build robust anti-abuse protections. first post. second post. slides here.

Accountability

Accountability Artificial Intelligence Engineering Retail

10 Cybersecurity Trends That Emerged in 2023

Security Boulevard

DECEMBER 19, 2023

Bad actors can (and will) bypass AI safeguards The “genuine” security models most of us rely on have built-in safeguards. But something curious is happening alongside the rise of mass-audience/input AI. That means the prompt comes from a third party, which tells the AI to read the content of, say, a website or a PDF.

Cybersecurity

Cybersecurity Encryption Ransomware Backups

AI: The New Buzzword in Cybersecurity

SecureWorld News

MAY 11, 2023

Here are a few articles curated on the AI topic, with some highlights from each. Threat hunters are using AI to identify unusual patterns and summarize large amounts of data, connecting the dots across multiple sources of information and hidden patterns. What are the possibilities, concerns, risks, and opportunities?

Cybersecurity

Cybersecurity Artificial Intelligence Threat Detection Risk

Using Machine Learning in Vulnerability Management for Prioritization

NopSec

OCTOBER 4, 2022

Billions of computers generate roughly 2.5 The large amount of data generated is too much for a security team to manually analyze necessitating the use of Artificial Intelligence/Machine Learning (AI/ML) techniques to sort the good from the bad. AI/ML is used in a variety of ways within the cybersecurity realm.

Artificial Intelligence

Artificial Intelligence Risk Malware Big data

Types of Vishing Attacks and How to Avoid Them

Security Through Education

AUGUST 22, 2023

AI-Based Vishing As technology advances, so do the techniques employed by scammers. AI-based vishing, a sophisticated form of voice phishing, poses a significant threat in the digital landscape. To protect yourself from AI-based vishing: Remain vigilant and be aware that scammers can use AI technology to simulate human voices.

Scams

Scams Artificial Intelligence Technology Government

Privacy predictions 2023

SecureList

NOVEMBER 28, 2022

In the EU, lawmakers are working on the Data Act , meant to further protect sensitive data, as well as a comprehensive AI legal strategy that might put a curb on a range of invasive machine-learning technologies and require greater accountability and transparency.

Insurance

Insurance Social Engineering IoT Data breaches

Security Roundup July 2023

BH Consulting

JULY 13, 2023

And for anyone with a non-technical background who’s interested in getting started in cybersecurity, Lance Spitzner of SANS has published a useful blog. Data protection concerns force delay in new AI launch Google’s Bard AI chatbot is on hold in the EU after the Data Protection Commission blocked its launch in June.

Cyber Risk

Cyber Risk Artificial Intelligence Risk Cyber Attacks

Top 5 Cyber Predictions for 2024: A CISO Perspective

Security Boulevard

JANUARY 2, 2024

This past year set a profound stage, from the advent of stringent cyber regulations to the convergence of generative AI, social engineering, and ransomware. The release of generative AI-powered applications like ChatGPT highlights the potential for AI and machine learning (ML) to reshape how organizations operate.

CISO

CISO Social Engineering Architecture Ransomware

Black Hat USA 2022 Continued: Innovation in the NOC

Cisco Security

AUGUST 29, 2022

In part one of our Black Hat USA 2022 NOC blog, we discussed building the network with Meraki: Adapt and Overcome. However, by default, we allow and monitor DNS requests to malware, command and control, phishing, crypto mining, and other dangerous domains, which would be blocked in a production environment. ai threat intelligence.

DNS

DNS Wireless Malware Firewall

Microsoft, Google Among Tech Giants Pledging Big Money to Cybersecurity

eSecurity Planet

AUGUST 27, 2021

Code.org will teach cybersecurity concepts to more than 3 million students in 35,000 classrooms over the next three years to teach them how to be safe online and to generate interest in careers in cybersecurity. Code Security is Key.

Cybersecurity

Cybersecurity Education Government Software

FraudGPT AI Bot Authors Malicious Code, Phishing Emails, and More

SecureWorld News

JULY 26, 2023

A new potential cybercrime tool called "FraudGPT" appears to be an AI bot exclusively being used for offensive purposes, such as crafting spear phishing emails, creating cracking tools, carding, and more nefarious activities. This craftiness would play a vital role in business email compromise (BEC) phishing campaigns on organizations.

Phishing

Phishing Social Engineering Cybercrime Scams

SANS Outlines Critical Infrastructure Security Steps as Russia, U.S. Trade Cyberthreats

eSecurity Planet

FEBRUARY 25, 2022

Williams urged viewers to focus on the basics, like phishing , passwords and patching /updating, as those are still the entry point of many attacks. “Do NOT believe your heuristics or ML/AI based tool will save you either,” he said, recommending a talk by TrustedSec founder David Kennedy. ” “Watch your egress.

B2B

B2B Cyber Attacks Firewall Cyber threats

Researchers warn AI-generated phishing attacks are becoming more convincing

There’s Something Phishy About Generative AI

Webinars

Trending Sources

CIO in the Age of AI: A Title Under Threat?

Webinars

Tackling Cyber Threats: Is AI Cybersecurity Our Only Hope?

April’s Patch Tuesday Brings Record Number of Fixes

Chat GPT and Nation-State Attackers: A New Era of AI-generated Attacks

Black Hat AI Tools Fuel Rise in Business Email Compromise (BEC) Attacks

Key Insights from the OpenText 2024 Threat Perspective

How Generative AI Will Remake Cybersecurity

The Security Challenges of Generative AI Tools: Can a Loose Prompt Sink Your Ship?

BlackMamba PoC Malware Uses AI to Avoid Detection

GUEST ESSAY: Marshaling automated cybersecurity tools to defend automated attacks

New AI Threats Emerge as FraudGPT Creator Unleashes DarkBERT and DarkBART

The Rise of AI Social Engineering Scams

Security Roundup May 2024

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

Malicious ad served inside Bing's AI chatbot

LinkedIn introduces new security features to combat fake accounts

Q&A: How cybersecurity has become a primal battleground for AI one-upsmanship

LRQA Nettitude’s Approach to Artificial Intelligence

9 tips to protect your family against identity theft and credit and bank fraud

Meet Exotic Lily, access broker for ransomware and other malware peddlers

Cybersecurity Industry News Review – March 28, 2023

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

Story of the year: the impact of AI on cybersecurity

GUEST ESSAY: How humans and machines can be melded to thwart email-borne targeted attacks

HYAS Protection for growing businesses

Attacks against machine learning — an overview

Attacks against machine learning — an overview

10 Cybersecurity Trends That Emerged in 2023

AI: The New Buzzword in Cybersecurity

Using Machine Learning in Vulnerability Management for Prioritization

Types of Vishing Attacks and How to Avoid Them

Privacy predictions 2023

Security Roundup July 2023

Top 5 Cyber Predictions for 2024: A CISO Perspective

Black Hat USA 2022 Continued: Innovation in the NOC

Microsoft, Google Among Tech Giants Pledging Big Money to Cybersecurity

FraudGPT AI Bot Authors Malicious Code, Phishing Emails, and More

SANS Outlines Critical Infrastructure Security Steps as Russia, U.S. Trade Cyberthreats

Stay Connected