惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

月光博客
月光博客
Cyberwarzone
Cyberwarzone
L
LINUX DO - 最新话题
N
News and Events Feed by Topic
T
Troy Hunt's Blog
Help Net Security
Help Net Security
S
Security @ Cisco Blogs
Google DeepMind News
Google DeepMind News
Security Archives - TechRepublic
Security Archives - TechRepublic
M
MIT News - Artificial intelligence
G
Google Developers Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
V2EX - 技术
V2EX - 技术
Y
Y Combinator Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
大猫的无限游戏
大猫的无限游戏
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Microsoft Security Blog
Microsoft Security Blog
Cisco Talos Blog
Cisco Talos Blog
T
Threatpost
Recent Commits to openclaw:main
Recent Commits to openclaw:main
S
SegmentFault 最新的问题
I
InfoQ
H
Hacker News: Front Page
D
Docker
Scott Helme
Scott Helme
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Blog — PlanetScale
Blog — PlanetScale
人人都是产品经理
人人都是产品经理
博客园 - 叶小钗
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
N
Netflix TechBlog - Medium
AWS News Blog
AWS News Blog
Know Your Adversary
Know Your Adversary
博客园 - 【当耐特】
T
Tor Project blog
U
Unit 42
H
Heimdal Security Blog
Microsoft Azure Blog
Microsoft Azure Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
P
Privacy & Cybersecurity Law Blog
PCI Perspectives
PCI Perspectives
美团技术团队
O
OpenAI News
T
Tailwind CSS Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
B
Blog
GbyAI
GbyAI
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
MyScale Blog
MyScale Blog

Enterprise – Silicon Republic

Commission refers Ireland to CJEU for failing to enact cyber rules Cloudflare to block AI crawlers from ad-supported webpages by default Google ordered to pay Klarna nearly $2bn in abuse-of-power row Upcoming iPhone 18 model leaked in Tata Electronics hack Data breaches going unreported – Irish compliance survey Cybersecurity warning for Irish businesses ahead of EU Presidency Dublin's TensorX to partner with Solstice on sovereign European AI Irish Internet Hotline named Trusted Flagger under EU Digital Services Act Don't panic, prepare: A cyber expert's advice on the Mythos hype Day-to-day cyber incidents driving loss for SMEs, finds report Anthropic to reassess Claude Fable 5 AI development restrictions after backlash Anthropic rolls out ‘Mythos-like’ AI model Claude Fable 5 EMEA firms underestimating 'routine risks', finds cyber report More than 20,000 Instagram accounts hacked using Meta AI bug Report: Irish firms cut cybersecurity spend despite rising risks TCS launches sovereign cloud offering in Europe ECB urging action on AI from lenders’ IT departments Hackers access GitHub, download codebase in Grafana Labs breach Europe's public sector deploying AI faster than it can manage – report UK watchdog probes Microsoft over interoperability issues Foxconn confirms cyberattack on North American facilities Clear gap between AI expectations and preparedness, finds report Canvas parent settles with hacker group that stole user data ShinyHunters demands ransom after Canvas hack EU agrees to simpler AI rules and complete ‘nudification’ ban What’s the difference between IT and OT security? Opinion: Why ISO 27001 alone won't save your data from itself Report: Medical device cyberattacks on the rise AI race intensifies with Google's new agent management platform Anthropic probing reported Mythos leak on Discord Nearly 75pc of AI’s economic value captured by just 20pc of companies Anthropic’s Mythos to bolster cybersecurity at UK banks The death of ETL: Is zero-copy a ‘liberation’ for data teams? After Anthropic, OpenAI launches cyber-specific AI model The Interview: Dentons' Carlo Salizzo on three forces defining digital law Anthropic's Mythos a game-changer, NCSC chief tells Oireachtas Mythos just first of power models to come: Anthropic co-founder New XP95 hacker group targets Dublin recruitment platform Healthdaq OpenAI apps for MacOS exposed by threat Mythos testing begins as governments raise cyber concerns Anthropic's Glasswing project employs Mythos to prevent AI cyberattacks Is your data integrity framework just a fancy spreadsheet? Ireland begins digital wallet testing and consultation How is Australia working to make data centres more sustainable? China's DeepSeek suffers rare outage lasting several hours ShinyHunters claims responsibility for European Commission breach Security first: Why cybersecurity needs to adapt in the age of AI iOS hacking tool 'DarkSword' leaked on GitHub China’s Alibaba could launch Qwen for enterprise this week Stryker's Cork site hit by global cyberattack Office.eu and the hope for a digitally sovereign Europe How fully homomorphic encryption is reshaping secure AI Major phishing operation disrupted in joint Europol action Hacking tool with possible US origins targets outdated iPhones Pure Storage, now Everpure, to acquire 1touch Why cloud strategies are pivoting from reaction to precision ‘Complexity is where cyber risk tends to grow’ ‘In cyber, bridging the gap between the server room and boardroom is crucial’ AWS expanding in Belgium, Netherlands and Portugal, amid sovereign cloud launch
Hacker used commercial AI to breach 600 firewalls: AWS
Suhasini Srinivasaragavan · 2026-02-23 · via Enterprise – Silicon Republic

AWS describes the campaign as an ‘AI-powered assembly line for cybercrime’.

Commercial AI services are lowering the technical barrier needed to commit cybercrimes, and Amazon has warned that this trend will continue.

Amazon Web Services (AWS) said it recently observed what it described as a Russian-speaking, financially motivated threat actor leveraging multiple commercial generative AI (GenAI) services to compromise more than 600 FortiGate devices across more than 55 countries between 11 January and 18 February.

FortiGate is a newer generation firewall that provides advanced network protection when compared to more traditional ones.

AWS described the hacker as an “unsophisticated” individual or small group armed with AI tools that helped them achieve an operational scale to carry out the attacks, something that would have previously required a significantly larger and more skilled team.

The campaign stuck out to AWS because of the hacker group’s use of multiple commercial GenAI services. AWS described the campaign as an “AI-powered assembly line for cybercrime, helping less skilled workers produce at scale”, in a blog authored by CJ Moses, who leads security engineering and operations at Amazon.

The threat actor compromised globally dispersed FortiGate appliances, accessing credentials and device configuration information. They then used these stolen credentials to connect to victims’ internal networks to access more credentials and attempt to access backup infrastructure.

According to AWS’s observations, FortiGate vulnerabilities were not exploited by the hacker. Instead, the campaign exploited exposed management ports and weak credentials with single-factor authentication.

Moreover, when the actor encountered more secure environments, they moved on to softer targets rather than persisting, meaning their capability probably lies in AI-augmented efficiency and scale, not deeper technical skills, according to AWS.

The targeting seemed opportunistic rather than sector-specific, attacking vulnerable appliances via mass scanning using AI tools, AWS noted.

The threat actor in this campaign is not known to be associated with any advanced persistent threat group with state-sponsored resources, the blog explained. Amazon said it was not compromised in this incident.

To respond, AWS recommended that organisations running FortiGate appliances should ensure management interfaces are not exposed to the internet, and advised that organisations change all default and common credentials on FortiGate appliances, including administrative and VPN user accounts.

In addition, AWS recommended that organisations enforce unique, complex passwords for all accounts.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.