Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label MITRE ATT&CK. Show all posts
phishing
AI Driven Cyber Attacks Anthropic Artificial Intelligence MITRE ATT&CK phishing

Researchers Warn AI Is Blurring the Line Between Skilled and Unskilled Hackers

 




For years, cybersecurity teams have relied on established methods to determine how dangerous a threat actor might be. Analysts typically examine the techniques an attacker uses, the tools involved, and the complexity of an operation to estimate the level of risk. New research from Anthropic, however, recommends that artificial intelligence is beginning to disrupt those assumptions.

The company's Frontier Red Team recently analyzed 832 user accounts that were removed from Anthropic's platforms for engaging in malicious cyber activity between March 2025 and March 2026. Researchers compared the observed behavior against the MITRE ATT&CK framework, a widely used industry resource that categorizes adversary tactics and techniques. Portions of the findings were also referenced in Verizon's 2026 Data Breach Investigations Report.

It's a signal to keep up with how cybercriminals are using AI. Rather than limiting AI to basic tasks, attackers are increasingly applying it to activities that take place after gaining access to a target environment. This trend suggests that AI is becoming part of deeper operational stages of cyber intrusions, including tasks that traditionally required stronger technical expertise.

Among all observed cases, malware development was the most common use of AI. Researchers found that 560 of the 832 analyzed accounts, representing more than two-thirds of the dataset, used AI-assisted tools to help create or modify malicious software. While this finding was expected, the more notable change appeared elsewhere.

Throughout the study period, researchers recorded a movement away from AI-assisted initial access activities and toward post-compromise operations. One example was account discovery, a process attackers use to identify valid user accounts within a breached network. AI-assisted account discovery increased by 8.9% during the reporting period. By contrast, AI-supported phishing activity declined by 8.6%.

The data also showed growing use of AI during lateral movement operations. Lateral movement refers to the actions attackers take after entering a network to expand their access and reach more valuable systems, users, or data repositories. According to the report, 54 of the 832 observed actors used AI assistance during this stage of an intrusion.

Historically, activities such as account discovery, privilege escalation, and lateral movement have been associated with more experienced operators because they require a stronger understanding of network environments and attack workflows. Researchers argue that AI is reducing those technical barriers, allowing a broader range of actors to perform tasks that were previously more difficult to execute effectively.

This change became visible in the study's risk assessment data. During the first half of the observation period, approximately 33% of threat actors were categorized as medium-risk or higher. During the second half, that proportion rose to 56%. Researchers described this increase as evidence that AI is helping a larger segment of the threat landscape carry out more advanced cyber activity.

The findings also raise questions about how the industry evaluates attacker sophistication. Security teams have long treated the number of techniques used during an attack as an indicator of capability. Anthropic's analysis suggests that this relationship is becoming less reliable in AI-assisted environments.

Researchers found only a small difference between lower-risk and higher-risk actors when measuring the number of techniques used. Less sophisticated actors employed an average of 16 techniques, while the most capable actors averaged 20. The narrow gap indicates that technique counts alone may no longer provide a meaningful way to prioritize threats.

The same pattern appeared when researchers examined how attackers interacted with AI systems. Whether actors used Claude Code, direct API access, or standard chat interfaces showed little connection to their assessed risk level. Simply identifying which AI tool was used did not provide a clear indication of the threat posed by an actor.

Instead, researchers found that the location of AI usage within the attack lifecycle was a stronger indicator of risk. Higher-risk operators tended to apply AI to technically demanding stages of an intrusion, including internal reconnaissance, privilege escalation, and lateral movement. These activities often have a direct impact on how effectively an attacker can establish control over a compromised environment.

Even that distinction may not remain useful indefinitely. Researchers observed that these more advanced use cases are gradually spreading throughout the broader threat ecosystem. As AI tools become more accessible and capable, activities once associated with a smaller group of highly skilled operators may become increasingly common.

Anthropic identified another characteristic that separated the most dangerous actors from the rest. Rather than using AI for isolated tasks, some operators built systems around AI models that connected multiple attack stages together. This allowed AI to support planning, execution, and decision-making across larger portions of an operation with limited human involvement.

Researchers describe this capability as agentic attack orchestration. In practical terms, it refers to AI systems that can assist with coordinating different phases of an intrusion, helping move an attack from one stage to another without requiring constant manual direction from an operator.

According to the report, this rising behavior exposes a limitation in existing cybersecurity frameworks. MITRE ATT&CK was designed to document attacker actions and techniques. It was not built to measure the degree of autonomy involved when AI systems help coordinate those actions.

Anthropic underlined this challenge using a cyber-espionage campaign it disrupted in November 2025. The operation involved attempts to use Claude Code in support of intrusion activity targeting organizations in multiple regions with relatively little direct human intervention.

When researchers mapped the operation to MITRE ATT&CK, it generated a profile containing 30 techniques across 13 tactics. On paper, that profile appeared comparable to many medium-risk actors included in the study. However, Anthropic's internal evaluation system assigned the operation the maximum possible risk score of 100.

Researchers argue that the discrepancy exists because current frameworks focus on what actions occur during an attack rather than how those actions are coordinated. An AI-assisted system capable of executing commands, identifying vulnerabilities, collecting credentials, and adapting to changing conditions throughout an intrusion presents a different operational challenge than a human manually performing each step.

The report notes that there are currently no ATT&CK categories specifically designed to capture autonomous orchestration, automated chaining of attack stages, or the reduction of human decision-making throughout an attack lifecycle.

Anthropic says it is actively discussing potential framework updates with MITRE to better account for AI-enabled attack behaviors. The company has also used insights from the research to strengthen safeguards within its own models, including controls intended to detect and prevent misuse involving malware development and large-scale data theft attempts.

For defenders, the findings suggest that traditional indicators may no longer provide a complete picture of cyber risk. A threat actor using AI to automate portions of an attack may achieve outcomes similar to those of a more experienced operator performing the same tasks manually. Likewise, an individual using a basic chat interface could potentially conduct operations that resemble those performed through more advanced integrations.


Read more »
sophos
Artificial Intelligence Claude malware MITRE ATT&CK ransomware sophos

AI-Assisted Malware Lab Found Testing Ways to Evade Security Tools, Sophos Reports

 



Researchers at cybersecurity firm Sophos have uncovered a malware development framework that uses artificial intelligence tools to speed up the creation and testing of ransomware-related software designed to avoid detection by security products.

The investigation began after Sophos analysts discovered suspicious files on a customer system. What initially appeared to be a collection of penetration-testing tools soon revealed signs of criminal activity, including references to ransom notes and organizations listed on ransomware leak sites.

According to Sophos, the framework combines traditional attack tools with AI-assisted development workflows. Researchers found evidence that the operators used coding assistants such as Cursor and Claude Opus during different stages of development, including writing code, reviewing results, refining payloads, and researching techniques that could help malware evade security controls.

One of the framework's primary goals was to bypass Endpoint Detection and Response (EDR) platforms. These security products are designed to identify malicious activity on computers and servers, often detecting attacks that traditional antivirus software might miss.

The toolkit contained several components intended to reduce the chances of detection. Among them were customized Cobalt Strike profiles that made malicious network traffic resemble ordinary web browsing activity, communication channels that routed commands through Telegram, and malware development scripts capable of injecting malicious code into legitimate Windows applications while allowing those programs to continue functioning normally.

Researchers also identified the use of a Cloudflare Worker that acted as an intermediary between infected systems and attacker-controlled infrastructure. This setup can make it more difficult for defenders to identify the true location of command-and-control servers.

A particularly notable feature of the framework was an automated Active Directory discovery system. Active Directory is widely used in enterprise networks to manage users, computers, permissions, and other resources. Because it contains valuable information about an organization's internal structure, attackers frequently attempt to map Active Directory environments after gaining access to a network.

Sophos found that the discovery process relied on a series of AI-assisted agents that gathered information, assessed results, selected follow-up actions, and continued the investigation of the network. Rather than requiring a human operator to manually perform every step, parts of the reconnaissance process could be carried out through predefined automated workflows.

The framework itself appeared to operate through multiple specialized AI agents assigned to different tasks. Sophos reported that one agent coordinated the overall development process while others focused on testing, documentation, operational security improvements, virtual machine deployment, proxy testing, and malware evaluation.

Researchers also discovered that some agents had been tasked with examining publicly available security research. The system collected information from technical reports and research publications, extracted details about detection-evasion methods, mapped those techniques to the MITRE ATT&CK framework, recreated testing environments, and documented the results.

At the center of the operation was a Python-based payload generation tool. This component produced malware written primarily in Rust and Go while combining encryption, execution techniques, and anti-analysis measures intended to make detection more difficult. Sophos observed nearly 80 generated modules being tested against more than 70 separate evasion methods.

The malware was evaluated in laboratory environments against security products from Sophos, CrowdStrike, and Microsoft. Researchers noted that repeated testing and revision cycles appeared to improve the success rate of many payloads. However, they also observed inconsistencies between some reported results and actual testing outcomes, leaving questions about the accuracy of certain internal performance claims.

Despite the extensive use of artificial intelligence during development, Sophos found no indication that AI was embedded within deployed malware or operating independently on victim systems. The technology was primarily used to accelerate the research, testing, and refinement process while human operators remained responsible for directing the activity.

The findings provide another example of how threat actors are incorporating AI into existing workflows. Rather than introducing entirely new attack methods, these tools appear to be helping attackers shorten the time needed to transform publicly available security research into functioning malware capable of challenging modern security defenses.

Read more »
MITRE ATT&CK
Credential Theft Cyber Security Info-stealing malware Cybersecurity Malware Threats MITRE ATT&CK

Credential-Stealing Malware Surges, Now a Top MITRE ATT&CK Threat

 

Cybersecurity researchers have uncovered a sharp rise in credential-stealing malware, with 25% of over a million malware samples analyzed in 2024 targeting user credentials. This marks a threefold increase from 2023, propelling credential theft from password stores into the MITRE ATT&CK framework's top 10 techniques. These attacks accounted for 93% of all malicious cyber activities last year.

According to "The Red Report 2025" by Picus Security, threat actors are shifting towards multi-stage, sophisticated attacks, leveraging a new breed of malware. Researchers have labeled this emerging trend "SneakThief," emphasizing its focus on stealth, persistence, and automation. 

Cybercriminals are refining these malware strains to execute highly evasive operations, aiming to carry out "the perfect heist" with built-in capabilities to bypass defenses and extract sensitive data.

Despite growing concerns over AI-driven threats, researchers found no evidence of AI-powered malware in 2024. However, malware samples analyzed were capable of executing an average of 14 malicious actions, with data exfiltration and stealth techniques responsible for 11.3 million cyber incidents last year.

"Focusing on the Top 10 MITRE ATT&CK techniques is the most viable way to stop the kill chain of sophisticated malware strains as early as possible," said Volkan Ertürk, CTO and co-founder of Picus Security. "SneakThief malware is not an exception; enterprise security teams can stop 90% of malware by focusing on just 10 of MITRE's entire library of techniques."
Read more »
Ransomwares
Cyber Security Cyber Security Vendor macOS MacOS Malware Malware attacks MITRE MITRE ATT&CK Ransomwares

MITRE’s Latest ATT&CK Evaluations Reveal Critical Insights into Cybersecurity Solutions

 

MITRE Corporation has published its findings from the latest round of ATT&CK evaluations, offering important insights into the effectiveness of enterprise cybersecurity solutions. This sixth evaluation assessed 19 vendors against two major ransomware strains, Cl0p and LockBit, as well as North Korean-linked malware targeting macOS systems. The advanced malware simulations used during the evaluation highlighted sophisticated tactics, such as exploiting macOS utilities and covert data exfiltration, emphasizing the dynamic nature of modern cyber threats.

The Findings and Their Significance

According to MITRE’s general manager, William Booth, the evaluation revealed notable disparities in vendors’ abilities to detect and distinguish between malicious activities. Some solutions achieved high detection rates but also suffered from alarmingly high false-positive rates, indicating a need for better precision in threat identification. MITRE’s methodology involved a two-phase approach: first, evaluating baseline detection capabilities and then assessing protection performance after vendors adjusted their configurations to improve detection accuracy. This approach highlights the adaptability of vendors in enhancing their solutions to counter emerging threats.

The Struggles with Post-Compromise Detection

A key takeaway from the evaluation was the struggle vendors faced with post-compromise threat detection. MITRE stressed the importance of detecting and mitigating ransomware activities after the initial breach, as ransomware often mimics legitimate system behaviors. Booth emphasized that relying solely on blocking initial infections is no longer sufficient—solutions must also account for activities occurring later in the attack chain. This represents a critical area where cybersecurity solutions need improvement to effectively neutralize threats at all stages of an attack.

Contrasting Detection Strategies

The evaluation also highlighted differences in detection strategies among vendors. Some vendors utilized machine learning and AI-based methods for threat detection, while others relied on more traditional heuristic approaches. These contrasting methodologies led to varying levels of effectiveness, particularly in the detection of false positives and distinguishing between benign and malicious activities. The use of AI-based methods showed promise, but some vendors struggled with accuracy, underscoring the challenges faced by the industry in keeping up with evolving threats.

MacOS Threats: A New Challenge

For the first time, MITRE included macOS threats in its evaluation. Addressing macOS malware posed unique challenges, as there is limited publicly available Cyber Threat Intelligence (CTI) on such threats. Despite these challenges, MITRE’s inclusion of macOS malware reflects its commitment to addressing the evolving threat landscape, particularly as more organizations adopt Apple devices in their enterprise environments. The move signals MITRE’s proactive approach to ensuring that cybersecurity solutions account for all major operating systems in use today.

Looking Ahead: Vendor Transparency and Improvement

Although MITRE refrains from ranking vendors, its evaluation provides transparency that can guide organizations in making informed decisions about their cybersecurity strategies. The findings underscore the importance of refining cybersecurity technologies to meet the demands of a rapidly evolving cyber environment. Booth highlighted that these evaluations encourage vendors to continuously improve their technologies to better counter the increasing sophistication of cyber threats.

By incorporating ransomware and macOS malware into its evaluations, MITRE continues to shed light on the complexities of modern cyberattacks. The insights gained from this evaluation are invaluable for organizations looking to enhance their defenses against increasingly sophisticated threats. As cyberattacks become more advanced, understanding the varying capabilities of enterprise security solutions is essential for building a robust cybersecurity posture.

Read more »
PNNL Research
AI Artificial Intelligence Cyber Defender Cyber Security Machine learning MITRE ATT&CK Open AI Gym PNNL PNNL Research

Researchers Develop AI Cyber Defender to Tackle Cyber Actors


A recently developed deep reinforcement learning (DRL)-based artificial intelligence (AI) system can respond to attackers in a simulated environment and stop 95% of cyberattacks before they get more serious. 

The aforementioned findings were made by researchers from the Department of Energy’s Pacific Northwest National Laboratory based on an abstract simulation of the digital conflict between threat actors and defenders in a network and trained four different DRL neural networks in order to expand rewards based on minimizing compromises and network disruption. 

The simulated attackers transitions from the initial access and reconnaissance phase to other attack stages until they arrived at their objective, i.e. the impact and exfiltration phase. Apparently, these strategies were based on the classification of the MITRE ATT&CK architecture. 

Samrat Chatterjee, a data scientist who presented the team's work at the annual meeting of the Association for the Advancement of Artificial Intelligence in Washington, DC, on February 14, claims that the successful installation and training of the AI system on the simplified attack surfaces illustrates the defensive responses to cyberattacks that, in current times, could be conducted by an AI model. 

"You don't want to move into more complex architectures if you cannot even show the promise of these techniques[…]We wanted to first demonstrate that we can actually train a DRL successfully and show some good testing outcomes before moving forward," says Chatterjee. 

AI Emerging as a New Trend in Cybersecurity 

Machine learning (ML) and AI tactics have emerged as innovative trends to administer cybersecurity in a variety of fields. This development in cybersecurity has started from the early integration of ML in email security in the early 2010s to utilizing ChatGPT and numerous AI bots that we see today to analyze code or conduct forensic analysis. The majority of security products now incorporate a few features that are powered by machine learning algorithms that have been trained on massive datasets. 

Yet, developing an AI system that is capable of proactive protection is still more of an ideal than a realistic approach. The PNNL research suggests that an AI defender could be made possible in the future, despite the many obstacles that still need to be addressed by researchers. 

"Evaluating multiple DRL algorithms trained under diverse adversarial settings is an important step toward practical autonomous cyber defense solutions[…] Our experiments suggest that model-free DRL algorithms can be effectively trained under multistage attack profiles with different skill and persistence levels, yielding favorable defense outcomes in contested settings," according to a statement published by the PNNL researchers. 

How the System Uses MITRE ATT&CK 

The initial objective of the research team was to develop a custom simulation environment based on an open-source toolkit, Open AI Gym. Through this environment, the researchers created attacker entities with a range of skill and persistence levels that could employ a selection of seven tactics and fifteen techniques from the MITRE ATT&CK framework. 

The attacker agents' objectives are to go through the seven attack chain steps—from initial access to execution, from persistence to command and control, and from collection to impact—in the order listed. 

According to Chatterjee of PNNL, it can be challenging for the attacker to modify their strategies in response to the environment's current state and the defender's existing behavior. 

"The adversary has to navigate their way from an initial recon state all the way to some exfiltration or impact state[…] We're not trying to create a kind of model to stop an adversary before they get inside the environment — we assume that the system is already compromised," says Chatterjee. 

Not Ready for Prime Time 

In the experiments, it was revealed that a particular reinforcement learning technique called a Deep Q Network successfully solved the defensive problem by catching 97% of the intruders in the test data set. Yet the research is just the beginning. Yet, security professionals should not look for an AI assistant to assist them with incident response and forensics anytime soon.  

One of the many issues that are required to be resolved is getting RL and deep neural networks to explain the causes that affected their decision, an area of research called explainable reinforcement learning (XRL).  

Moreover, the rapid emergence of AI technology and finding the most effective tactics to train the neutral network are both a challenge that needs to be addressed, according to Chatterjee.  

Read more »
Subscribe to: Posts (Atom)