4 comments

[ 3.3 ms ] story [ 17.6 ms ] thread
I don't think these kinds of surveys are (1) accurate or (2) particularly useful, but the gold standard for this kind of stuff is the Verizon DBIR:

https://enterprise.verizon.com/resources/reports/dbir/

For CISOs wanting to learn from past attacks, is there anything you would recommend as either accurate or useful (or both)?
The article notes that the number of "AI/ML hacking tools" has grown -- is there documented use of malicious actors using AI as part of campaigns? I've seen researchers publish tools that would likely fall into this space, but I'm curious if there's any known usage of these or other tools for malicious ends.