Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cybercriminals are using AI to carry out various cyberattacks including password cracking, phishing emails, impersonation and deepfakes. It’s important you understand how cybercriminals are using AI to their advantage so you can better protect yourself and family, as well as your accounts and data. Continue reading to learn about AI-enabled cyberattacks and what you can do to keep yourself safe.

If you read the news, you’ve encountered the term “Magecart” multiple times in recent years. The term refers to several hacker organizations that use online skimming methods to steal personal information from websites, most frequently customer information and credit card details on websites that take online payments.

The recent conviction of a U.K. man for cyber crimes committed in 2018 brings to light a cyber attack where this attacker manually performed the “in-the-middle” part of an attack. We’ve all heard of a “Man-in-the-Middle” (MitM) attack – also more recently called a “Manipulator-in-the-Middle” attack.

Details from a simple impersonation phishing attack show how well thought out these attacks really are in order to heighten their ability to fool victims and harvest credentials. Credential harvesting scams are pretty simple at face value: send an email that links to a spoofed login page/website, and let the credentials roll on in.

Last week, a vulnerability in the popular MOVEit managed file transfer service was exploited by the CL0P ransomware gang to execute data breaches – an increasingly common cybersecurity attack technique where popular software is exploited to target, by extension, their users. Victims of this hack include British Airways, Boots, BBC, and multiple US government agencies.

Killnet is an advanced persistent threat (APT) group based in Russia that has been active since at least 2015. The group is notorious for its highly sophisticated and persistent attacks on a diverse range of industries, including state and local governments, telecommunications, and defense. Killnet has been linked to several high-profile attacks, including the 2016 hack of the Democratic National Committee (DNC) during the U.S. presidential election.

To identify malicious packages and protect yourself against them, you need to know what to look for. Here’s a simple guide. In January 2022, users of the popular open-source libraries “faker” and “colors” suddenly found their applications started to malfunction and display nonsensical data because they had been infected by a malicious package.

As government-sponsored and widespread vulnerability attacks continue to result in larger damages, cyber insurers are looking for opportunities to still meet demand without incurring risk. It may come as a surprise, but cyber insurers aren’t in the business of issuing (and covering) cyber insurance policies; they’re in the business of staying in business. And that means identifying and reducing the highest sources of risk where the insurer will lose through paying on claims.