Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber Hacking.. Show all posts
Hacking Techniques
AI technology AI tools Cyber Attacks Cyber Hacking. Data Analytics data security Ethical Hacking Hacking Techniques

The Growing Role of AI in Ethical Hacking: Insights from Bugcrowd’s 2024 Report

Bugcrowd’s annual “Inside the Mind of a Hacker” report for 2024 reveals new trends shaping the ethical hacking landscape, with an emphasis on AI’s role in transforming hacking tactics. Compiled from feedback from over 1,300 ethical hackers, the report explores how AI is rapidly becoming an integral tool in cybersecurity, shifting from simple automation to advanced data analysis. 

This year, a remarkable 71% of hackers say AI enhances the value of hacking, up from just 21% last year, highlighting its growing significance. For ethical hackers, data analysis is now a primary AI use case, surpassing task automation. With 74% of participants agreeing that AI makes hacking more accessible, new entrants are increasingly using AI-powered tools to uncover vulnerabilities in systems and software. This is a positive shift, as these ethical hackers disclose security flaws, allowing companies to strengthen their defenses before malicious actors can exploit them. 

However, it also means that criminal hackers are adopting AI in similar ways, creating both opportunities and challenges for cybersecurity. Dave Gerry, Bugcrowd’s CEO, emphasizes that while AI-driven threats evolve rapidly, ethical hackers are equally using AI to refine their methods. This trend is reshaping traditional cybersecurity strategies as hackers move toward more sophisticated, AI-enhanced approaches. While AI offers undeniable benefits, the security risks are just as pressing, with 81% of respondents recognizing AI as a significant potential threat. The report also underscores a key insight: while AI can complement human capabilities, it cannot fully replicate them. 

For example, only a minority of hackers surveyed felt that AI could surpass their skills or creativity. These findings suggest that while AI contributes to hacking, human insight remains crucial, especially in complex problem-solving and adaptive thinking. Michael Skelton, Bugcrowd’s VP of security, further notes that AI’s role in hardware hacking, a specialized niche, has expanded as Internet of Things (IoT) devices proliferate. AI helps identify tiny vulnerabilities in hardware that human hackers might overlook, such as power fluctuations and unusual electromagnetic signals. As AI reshapes the ethical hacking landscape, Bugcrowd’s report concludes with both a call to action and a note of caution. 

While AI offers valuable tools for ethical hackers, it equally empowers cybercriminals, accelerating the development of sophisticated, AI-driven attacks. This dual use highlights the importance of responsible, proactive cybersecurity practices. By leveraging AI to protect systems while staying vigilant against AI-fueled cyber threats, the hacking community can help guide the broader industry toward safer, more secure digital environments.
Read more »
Ransomware
Cyber Crime Cyber Hacking. Cyber Security Dharma Fake Antivirus phishing Ransomware

Dharma: A Malicious Ransomware In The Skin of an Anti-Virus Software








A family of ransomware has been infecting organizations around the globe and now has a new trick up its sleeve. A file-locking malware is being distributed disguised as anti-virus software.

“Dharma” happens to be the name of the infamous ransomware which has been linked to tens of cyber-crime episodes.

Dharma’s "executive working team" is all about creating and fabricating state-of –the-art attacks that are lucrative to the highest extent.

And by way of the recent stunt they’ve pulled they stand a handsome chance of extorting ransom payments in exchange for decrypting files and locked networks on the Windows system.

Actually, the ransomware poses to be an anti-virus software and hence the users are tricked into downloading and installing it.

The attacks like many others begin with “phishing emails” that claim to be from Microsoft and stating that the victim’s PC is under some risk, threat or is corrupted.

Luring the user into downloading the anti-virus by assessing a download link, if the user goes through with it, two downloads are retrieved.

According to sources, they are Dharma ransomware payload and an old version of anti-virus software from cyber security company ESET.

After the self-extracting archive runs, Dharma starts the file encrypting process. The user is guided to follow the installation instructions for ESET AV remover.

The interface gets displayed on their desktop but still requires user interaction during the installation process all the while distracting the user from the actual con.

The victim would immediately be confronted with a ransom note, once the installation gets done with, demanding crypto-currency in exchange for unlocking the file.

Malware have usually been hidden under skins of actually legitimate applications and software, in the above scenario an official unmodified ESET AV Remover was made use of.

Any other potential application could be exploited and used in this way to fool the not so well cyber-educated and even tech savvy users.

The file-locking malware is relatively new in the market but powerful nonetheless and with the enhanced tendencies of tactic and work being done on it.

Various cyber-cons still try to upgrade old threats and make use of latest techniques to wreak as much havoc as possible.

Ransomware happens to be an especially costly and dynamic threat which could hit in more than one ways.

The only way to not fall prey to such devastating attacks is securing email gateways, embracing better cyber-security manoeuvres, backing up files and constantly patching and updating.

Read more »
Subscribe to: Posts (Atom)