Updates in two of our core priorities - The Official Microsoft Blog

Satya Nadella, Chairman and CEO, posted the below message to employees on Viva Engage this morning. I am excited to share a couple updates in two of our core priorities: security and quality. Hayete Gallot is rejoining Microsoft as Executive Vice President, Security, reporting to me. I’ve also asked Charlie Bell to take on a...

AI co-pilots like Microsoft Security Copilot are here to reshape how security operations centers handle scale, speed, and complexity. Used well, they cut time-to-meaning, reduce analyst fatigue, and surface higher-value investigations for humans to resolve. Used poorly, they can amplify bias, create automation blind spots, and erode trust.

My blog post will enlighten the topic with some concrete tips.

https://vasenius.fi/empowering-soc-analysts-human-ai-co-teaming-strategies-with-security-copilot/

#SecurityOperationsCenter #SecurityCopilot #MicrosoftSecurity

Empowering SOC Analysts: Human - AI Co-Teaming Strategies with Security Copilot - The Security Everywhere

A practical, human take for SOCs on blending analyst judgment with AI speed – without tripping over privacy, governance, or […]

#Microsoft used its #AI-powered #SecurityCopilot to discover 20 previously unknown vulnerabilities in the #GRUB2, #UBoot, and #Barebox #opensource #bootloaders.
GRUB2 (GRand Unified Bootloader) is the default boot loader for most #Linux distributions, including Ubuntu, while U-Boot and Barebox are commonly used in embedded and #IoT devices.
https://www.bleepingcomputer.com/news/security/microsoft-uses-ai-to-find-flaws-in-grub2-u-boot-barebox-bootloaders/ #ITSec

Microsoft uses AI to find flaws in GRUB2, U-Boot, Barebox bootloaders

The North Koreans and Russians have been busy, Insiders abound, and attacker tradecraft continues to evolve!

Catch all this and more in our latest wrap-up of the day's news:

🗞️ https://opalsec.io/daily-news-update-monday-april-1-2025-australia-melbourne/

There are a few noteworthy stories to get across - here's the TL;DR to get you up to speed:

🕵️ North Korean Infiltration: This is way bigger than many think. DPRK nationals are landing jobs inside global companies, gaining privileged access ("keys to the kingdom" level!). DTEX reports active investigations in 7% of their Fortune Global 2000 clients, and CrowdStrike notes nearly 40% of their NK-related IR cases involved insiders. They move fast post-hire, pivoting to supply chains and installing RATs disguised as onboarding. Watch out for highly anomalous login behaviour (like days-long sessions!). Rigorous remote hiring checks (camera on, resume checks, comms style) are crucial.

🎣 ClickFix Tactics by Lazarus: The infamous North Korean group is evolving its 'Contagious Interview' campaign (now dubbed 'ClickFake' by Sekoia). They're targeting crypto job seekers (shifting focus to non-tech roles too!) with fake website/document errors ('ClickFix'). These prompt users to run PowerShell/curl commands, dropping the 'GolangGhost' backdoor. Watch out for lures impersonating giants like Coinbase or Kraken. Sekoia has shared YARA rules – definitely worth checking out.

💻 WordPress MU-Plugin Abuse: Bad actors are getting stealthy by hiding malicious code in WordPress "Must-Use Plugins" (wp-content/mu-plugins/). These execute automatically on every page load without activation, making them hard to spot. Sucuri is seeing redirects to fake browser updates, webshell backdoors fetching code from GitHub, and JS hijackers replacing content or links. Keep those instances patched, clean up unused plugins/themes, and lock down admin accounts (MFA!).

Check out what else happened in the past 24 hours, and subscribe to get each edition straight to your inbox:
📨 https://opalsec.io/daily-news-update-monday-april-1-2025-australia-melbourne/#/portal/signup

#CyberSecurity #InfoSec #ThreatIntelligence #Hacking #DataBreach #Phishing #Malware #WordPress #NorthKorea #Russia #Ukraine #AI #SecurityCopilot #GRUB2 #Bootloaders #InsiderThreat #DataProtection #CyberAttack #infosecurity #cybersecuritynews #ClickFix

Daily News Update: Monday, April 1, 2025 (Australia/Melbourne)

DPRK actors actively infiltrate global businesses, gaining privileged access and pivoting to 3rd parties. Lazarus adopts "ClickFix" tactics, luring job seekers and targeting non-technical roles. Attackers abuse malicious WordPress mu-plugins, a stealthy technique to inject code into every page.

Opalsec

Microsoft unveils Microsoft Security Copilot agents and new protections for AI | Microsoft Security Blog

Learn more about the next evolution of Security Copilot with AI agents designed to autonomously assist with phishing, data security, and identity management.

Microsoft extends Security Copilot with AI agents - TECHNEWSRO

Microsoft continuously innovates to deliver advanced cybersecurity solutions. By launching the new AI agents for Microsoft Security Copilot and the improvements made to existing platforms, the company is redefining protection in the era of artificial intelligence. AI agents: a solution for cyber complexity. One of the most exciting announcements is the introduction of autonomous agents that can handle tasks

TECHNEWSRO - Passionate about technology

Don't think @malwarejake shared this on the Fediverse

#DoINeedSecurityCoPilot #SecurityCoPilot