Experts from SANS have shared at RSA Conference what are the most dangerous forms of cyberattacks for 2023. The first is SEO-boosted attacks where attackers use SEO to boost the rankings of their malware-laden sites in order to send more victims their way. Next is Malvertising where attackers are purchasing ads on search engines for their get their malicious sites to the top of the search results. An example was a lookalike campaign for a free piece of 3D graphic software called Blender. The top three ad results for that keyword search were all to malicious lookalike sites. It was not until the fourth result that you get to the legitimate software website. Developers as a Target is next as they usually have elevated privileges across IT and business systems and their machines are less locked down than the average user. Fourth on the list is Offensive Uses of AI, where attackers would leverage tools like ChatGPT to ramp up their development of exploits and zero-day discovery. And last is weaponizing AI for social engineering where attackers are expected to dramatically ramp up their use of AI to make social engineering and impersonation attempts highly believable.

This segment was created for the It’s 5:05 podcast