Abnormal Security Shares Examples of Attacks Using Generative AI

Abnormal Security has published examples of cyberattacks that illustrate how cybercriminals are beginning to leverage generative artificial intelligence to launch cyberattacks.
In one example, a cybercriminal posed as a customer service representative from Netflix to encourage a potential victim to urgently renew their subscription by clicking on a URL. The attack is difficult to detect because it makes use of what appears to be an authentic helpdesk domain associated with Teeela, an online toy shopping app, and an email address hosted on Zendesk, a trusted customer support platform.
Other examples included similar attacks involving cybercriminals pretending to be representatives for cosmetics companies and insurance providers.
Abnormal Security CISO Mike Britton said as cybercriminals continue to leverage generative AI technologies, detecting these types of social engineering attacks will be increasingly difficult for the average end user.
The only way organizations will be able to consistently detect these types of attacks is to rely on cybersecurity platforms that make use of AI to identify end-user behavior that is known to be good, he added.
Any deviation from that behavior can then be flagged for further review.
In effect, organizations can leverage AI to combat increasingly more sophisticated attacks as generative AI technologies make it easier for cybercriminals to craft emails that appear legitimate, said Britton.
Those tactics and techniques are only going to become that much more challenging to detect as cybercriminals leverage generative AI platforms to create so-called deepfakes using audio and video that, at first glance, will appear to be equally legitimate, he added.
It's not clear how cybersecurity will need to evolve as generative AI, despite existing safeguards, becomes more commonly used to launch attacks based on social engineering techniques that are often at the heart of a business email compromise.
In theory, organizations could shift to other collaboration platforms, but many of those platforms are subject to the same types of social engineering tactics that cybercriminals use to compromise email, noted Britton.
There is little doubt that BEC and other similar types of attacks that are typically used to perpetrate fraud will exponentially increase in the coming year.
While organizations might invest more in end-user training to recognize these attacks, the increased sophistication of these attacks enabled by generative AI will make them difficult for any human to detect.
The only viable approach will be to rely more on machines to identify signals indicative of anomalous behavior such as an email that includes malware that includes links to some type of external command and control center.
In the meantime, organizations should be especially prudent when relying on email to manage any type of transaction.
In much the same way that fewer people today answer their phone without knowing first who is calling, there may come a day when no one answers an email without first knowing where it came from and whether they can verify that the person who sent it is actually someone they know.


This Cyber News was published on securityboulevard.com. Publication date: Wed, 03 Jan 2024 19:13:07 +0000


Cyber News related to Abnormal Security Shares Examples of Attacks Using Generative AI

11 GenAI cybersecurity surveys you should read - Generative AI stands at the forefront of technological innovation, reshaping industries and unlocking new possibilities across various domains. As the integration of these technologies continues, a vigilant approach to ethical considerations and ...
10 months ago Helpnetsecurity.com
Abnormal Security Shares Examples of Attacks Using Generative AI - Abnormal Security has published examples of cyberattacks that illustrate how cybercriminals are beginning to leverage generative artificial intelligence to launch cyberattacks. In one example, a cybercriminal posed as a customer service ...
10 months ago Securityboulevard.com
4 key devsecops skills for the generative AI era - Experts believe that generative AI capabilities, copilots, and large language models are ushering in a new era of how developers, data scientists, and engineers will work and innovate. They expect AI to improve productivity, quality, and innovation, ...
10 months ago Infoworld.com
What Lurks in the Dark: Taking Aim at Shadow AI - Security teams are confronting a new nightmare this Halloween season: the rise of generative artificial intelligence. Generative AI tools have unleashed a new era of terror for chief information security officers, from powering deepfakes that are ...
11 months ago Darkreading.com
Generative AI Takes on SIEM - With more vendors adding support for generative AI to their platforms and products, life for security analysts seems to be getting deceptively easier. While adding generative AI capabilities to security information and event management is still in ...
11 months ago Darkreading.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Social engineering in the era of generative AI: Predictions for 2024 - Breakthroughs in large language models are driving an arms race between cybersecurity and social engineering scammers. For businesses, generative AI is both a curse and an opportunity. It's not just AI models themselves that cyber criminals are ...
6 months ago Securityintelligence.com
Navigating the New Frontier of AI-Driven Cybersecurity Threats - A few weeks ago, Best Buy revealed its plans to deploy generative AI to transform its customer service function. Best Buy's initiative is a harbinger of generative AI deployment in enterprise settings, aiming to increase productivity and improve ...
6 months ago Securityboulevard.com
How to Build a Data Foundation for Generative AI - Generative AI is not just a general-purpose productivity aid that surfaces information the way a search engine does; with gen AI, organizations can combine their unique, proprietary data with foundation models that have been pre-trained on a broad ...
10 months ago Feeds.dzone.com
QR Code 'Quishing' Attacks on Execs Surge, Evading Email Security - Email attacks relying on QR codes surged in the last quarter, with attackers specifically targeting corporate executives and managers, reinforcing recommendations that companies place additional digital protections around their business leadership. ...
9 months ago Darkreading.com
Generative AI Redefines Cybersecurity Defense Against Advanced Threats - In the ever-shifting realm of cybersecurity, the dynamic dance between defenders and attackers has reached a new echelon with the integration of artificial intelligence, particularly generative AI. This technological advancement has not only armed ...
9 months ago Cysecurity.news
Securing Generative AI: Navigating Risks and Strategies - The introduction of generative AI has caused a paradigm change in the rapidly developing field of artificial intelligence, posing both unprecedented benefits and problems for companies. The need to strengthen security measures is becoming more and ...
11 months ago Cysecurity.news
AI Is Changing the Way Enterprises Look at Trust: Deloitte & SAP Weigh In - Whether you are creating or customizing an AI policy or reassessing how your company approaches trust, keeping customers' confidence can be increasingly difficult with generative AI's unpredictability in the picture. We spoke to Deloitte's Michael ...
4 months ago Techrepublic.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
11 months ago Microsoft.com
Generative AI's enterprise gamble: IT leaders bet big on tech despite security woes - Enterprise IT teams are moving swiftly to adopt generative artificial intelligence systems like ChatGPT, according to a new report from Glean and ISG. The report found that IT leaders see generative AI as transformational and are willing to increase ...
9 months ago Venturebeat.com
Generative AI vs. Predictive AI: A Cybersecurity Perspective - In the context of cybersecurity, AI promises considerable benefits however there's still a lot of confusion surrounding the topic, particularly around the terms generative AI and predictive AI. Given the high failure rate for AI projects let's ...
4 months ago Securityboulevard.com
Transforming the Creative Sphere With Generative AI - Generative AI, a trailblazing branch of artificial intelligence, is transforming the creative landscape and opening up new avenues for businesses worldwide. This article delves into how generative AI transforms creative work, including its benefits, ...
10 months ago Cysecurity.news
How Criminals Are Leveraging AI to Create Convincing Scams - Cybercriminals create far more sophisticated scams with generative AI than traditional phishing scams. According to Visa research, scammers are fooling even the savviest internet users by launching pig butchering, inheritance, humanitarian relief ...
5 months ago Tripwire.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
1 month ago Helpnetsecurity.com
QR Code Phishing Attacks Target High-Level Executives: Report - C-level executives and others in managerial positions are by far the top targets of increasingly popular phishing attacks that involve malicious QR codes. Bad actors know that if they can get into the email of a highly placed executive, it opens up ...
9 months ago Securityboulevard.com
Microsoft's 'Copilot for Security' brings generative AI to the frontlines of cybersecurity - Microsoft announced today that Copilot for Security, a generative AI-powered platform designed to assist security professionals in combating the ever-evolving cyberthreat landscape, will be generally available worldwide starting April 1st. The launch ...
8 months ago Venturebeat.com
3 Ways the CTO Can Fortify the Organization in the Age of Generative AI - An August survey by BlackBerry found that 75% of organizations worldwide were considering or implementing bans on ChatGPT and other generative AI applications in the workplace, with the vast majority of those citing the risk to data security and ...
9 months ago Securityboulevard.com
Fortinet Adds Generative AI Tool to Security Operations Portfolio - Fortinet today added a generative artificial intelligence tool to its portfolio to eliminate a range of manual tasks that security operations teams would otherwise need to perform. John Maddison, chief marketing officer for Fortinet, said Fortinet ...
11 months ago Securityboulevard.com
How enterprises are using gen AI to protect against ChatGPT leaks - ChatGPT is the new DNA of shadow IT, exposing organizations to new risks no one anticipated. Enterprise workers are gaining a 40% performance boost thanks to ChatGPT based on a recent Harvard University study. A second study from MIT discovered that ...
10 months ago Venturebeat.com
Building a Sustainable Data Ecosystem - Finally, I outline future research and policy refinement directions, advocating for a collaborative and responsible approach to building a sustainable data ecosystem in generative AI. In recent years, generative AI has emerged as a transformative ...
8 months ago Feeds.dzone.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)