[ad_1] One ransomware hit can stall cranes, freeze payroll, and throw entire projects off schedule in hours. With scattered job sites, mobile crews, and countless subcontractor logins, construction firms are prime targets for cybercriminals chasing high payouts. The real cost isn’t just locked files; it’s broken timelines, lost trust, and contracts in jeopardy. The firms...Read More
[ad_1] ESET has identified PromptLock, the first AI-powered ransomware, using OpenAI models to generate scripts that target Windows, Linux and macOS. It was only a matter of time before artificial intelligence became a building block for cybercriminals. This week, researchers at ESET revealed what they are calling the first known AI-powered ransomware, a prototype dubbed...Read More
[ad_1] Threat researchers discovered the first AI-powered ransomware, called PromptLock, that uses Lua scripts to steal and encrypt data on Windows, macOS, and Linux systems. The malware uses OpenAI’s gpt-oss:20b model through the Ollama API to dynamically generate the malicious Lua scripts from hard-coded prompts. How PromptLock works According to ESET researchers, PromptLock is written in...Read More
[ad_1] Hackers have manipulated Anthropic’s Claude AI chatbot to launch ransomware campaigns, phishing schemes, and extortion operations, according to a recent company report. The attacks, which targeted at least 17 organisations, demonstrate how individuals with little or no technical expertise used AI tools to carry out sophisticated cybercrime. Anthropic revealed that its chatbot was used...Read More
[ad_1] Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts in real-time. The open-weight language model was released by OpenAI earlier this month. “PromptLock leverages...Read More
[ad_1] A financially motivated threat group operating since 2021 has refined its technical tradecraft, honing its focus on cloud-based systems that allow it to expand ransomware operations beyond the scope of on-premises infrastructure, Microsoft Threat Intelligence said in a report released Wednesday. By leveraging cloud-native capabilities, Storm-0501 has exfiltrated large volumes of data with speed,...Read More
[ad_1] Although Storm-0501 had valid credentials, it didn’t have the necessary second MFA factors, nor was it able to satisfy policy conditions. They could, however, leverage on-premises control to pivot across Active Directory domains and find a non-human synced global admin identity that lacked MFA to reset the user’s on-premises password, sign in to the...Read More
[ad_1] In the shadowy underbelly of cybersecurity, a chilling evolution is unfolding: ransomware, long a scourge of digital networks, is now being supercharged by artificial intelligence. Cybercriminals are harnessing generative AI tools to craft more sophisticated, evasive strains of malware, marking a pivotal shift in how threats are conceived and deployed. Recent discoveries highlight this...Read More
[ad_1] AI firm Anthropic revealed today that its advanced AI models are being actively weaponized by cybercriminals for sophisticated, end-to-end attacks. In a new threat intelligence report, the company details a disturbing trend it calls “vibe-hacking,” where a single malicious actor uses an AI agent like Claude as both a technical consultant and an active...Read More
