Hoxhunt's artificial intelligence-based spear-phishing agent JKR has become 24% more effective in establishing simulated phishing campaigns than human red teams, which were 10% and 24% better than their AI counterparts in tests conducted in November and 2023, respectively, reports SiliconAngle.Most recent testing of JKR last month involved the utilization of increasingly advanced large language models that allowed the creation of more adaptive intrusions, with the agent's prompts and output persistently improved through the "Evolves" internal process, the Hoxhunt report revealed. The integration of such an agent into phishing-as-a-service platforms could only strengthen mass phishing intrusions, with attacks evading email filters having already increased by 49% since the emergence of OpenAI's ChatGPT tool in 2022, according to Hoxhunt researchers. "As AI technology continues to evolve, the ability to craft more sophisticated phishing attacks on demand will only increase, making AI an essential tool in both offensive and defensive cybersecurity strategies," said Hoxhunt co-founder and Chief Technology Officer Pyry Avist.
An In-Depth Guide to AI
Get essential knowledge and practical strategies to use AI to better your security program.
CNBC reports that Chinese artificial intelligence startup DeepSeek was found by South Korea's Personal Information Protection Commission to have moved user data to multiple China- and U.S.-based firms without necessary consent and disclosures as part of a privacy and security investigation.
Generative artificial intelligence has been added to the Darcula phishing-as-a-service toolkit to enable the creation of phishing forms in several languages just months after the PhaaS platform was updated to facilitate website cloning without much difficulty, The Hacker News reports.
