The most interesting thing about the new SearchLeak attack on Microsoft 365 Copilot isn't any single bug. It's that none of the three pieces was dangerous on its own. Varonis combined a prompt injection via a URL parameter, an HTML rendering race condition, and a server-side request forgery in Bing's image search. Each of these is a common bug that security teams usually consider minor. But when you put them together with a Copilot that can access your mailbox, OneDrive, and SharePoint, they create a critical flaw. Microsoft has since patched this issue (CVE-2026-42824).

This is how the attack worked:

* The victim clicks a link. That's the whole interaction. They type nothing.

* The link instructs Copilot to search the mailbox, find sensitive information such as access codes, and place it into an image URL.

* Bing retrieves that image, which sends the stolen data to the attacker's server. Bing serves as the delivery service, allowing the attack to bypass the content security policy intended to stop it.

From the user's perspective, Copilot just pauses for a moment. There is no visible sign that any data has been taken.

In the past, we've spent years rating bugs by their severity on their own. An SSRF here, an HTML injection there—each seemed minor. But when an AI assistant can follow instructions from untrusted input and access your real data, those minor bugs become much more serious. Old types of vulnerabilities become important again in this new context.

If your company uses Copilot or any AI assistant that can access company data, it is important to ask your team how they are rating bugs that affect it. The way we judge what is low risk has changed.

https://www.bleepingcomputer.com/news/security/new-attack-turned-microsoft-365-copilot-into-1-click-data-theft-tool/

#AI #Cybersecurity #InfoSec #security #privacy #cloud #AttackChain

For a long time, people said the law was behind when it came to deepfake abuse. That seems to be changing. The DOJ took down two sites, CFAKE and SOCFAKE, which prosecutors say had thousands of fake nude images of well-known women, including politicians, journalists, and athletes. This is one of the first big federal actions under the TAKE IT DOWN Act, passed in May 2025. The law makes it a federal crime to publish sexually explicit fake images of an identifiable adult without their consent if the goal is to cause harm.

Here are a few things of note:

* The images may be fake, but the people targeted are real, and so is the harm to their reputation and privacy. The law was created to address this specific problem.

* This effort was international. Italy's cyber police were the first to spot the sites and then shared evidence with France under the Budapest Convention. A suspect was arrested in Nice on June 10.

* The DOJ made it clear that taking down the sites is just the beginning. For anyone running similar sites, seizing the domain is only the first step, not the last.

One important thing to remember: putting a seizure notice on a website can help stop some abuse, but the technology to make these images is cheap and widely available. Law enforcement can go after those who host or profit from this content, but they can't make the technology disappear. This means victims still have to find and report the images themselves, which is tiring and unfair.

If you or someone you know is facing this problem, StopNCII(.)org works with most major platforms to remove nonconsensual images. You can also report it to the FBI at ic3(.)gov. It's good to know these options before you need them.

https://hackread.com/feds-seize-cfake-and-socfake-explicit-deepfakes-women/

#Cybersecurity #Privacy #AI #security #cloud #infosec #DeepFakes

I just finished reading Google's new report about a Chinese espionage group that spent over a year inside North American medical and military research networks. What stands out is how ordinary their method was. They used a standard Google Workspace admin feature called a content compliance rule, which lets admins flag emails based on certain words or addresses. The attackers set up one of these rules, called it "Patroit" (misspelling Patriot), and used it to secretly BCC every matching email to a Gmail account they controlled. This gave them a steady stream of sensitive defense, policy, and medical research emails, all through a feature that was working exactly as intended.

Here are a few important points to consider:

- The attackers got in through a REDCap server that was exposed to the internet. Hospitals and universities often use these servers to store clinical research data. The first known break-in happened in September 2023.

- They installed malware called InfiniteRed to steal real login credentials, then used admin accounts to move through the network.

- The data theft relied on a legitimate, built-in feature. There were no suspicious files to detect.

This last point is important. We invest heavily in finding malware and suspicious files. But a configuration rule set up by an admin on an ordinary day just looks like regular work. That’s why it went unnoticed for so long.

If you manage email for your company using Google Workspace or Microsoft 365, check today who can create forwarding and compliance rules, and whether anyone gets notified when those rules change. Taking a few hours to review this now could save you from much bigger problems down the road.

https://www.theregister.com/research/2026/06/15/google-says-prc-linked-spies-hid-in-medical-research-networks-for-more-than-a-year/5254547

#Cybersecurity #InfoSec #RiskManagement #security #privacy #cloud #email

Loving our new brand...

Shifting workplace expectations, geopolitical tensions, technology disruptions, and more have created one of the most challenging business landscapes to date, leaving organizations faced with a multitude of emerging challenges and competing priorities – and an even more crucial need for leaders to rise to the top.

Today, we are proud to unveil the next evolution of RHR International, bringing our best work into clearer focus, helping leaders see this complexity as a catalyst for opportunity while unlocking the true potential of leadership within their organizations.

Visit our website (www.rhrinternational.com) to learn more and follow along as we empower leaders to unlock the full potential of their people and organizations for today’s business environment.

#LeadershipDevelopment
#Leadership
#TalentDevelopment
@RHR_International

This project really made me smile. Andrew Warkentin has created a virtual museum with over 600 operating systems, all set up and ready to run on a regular computer. The collection covers everything from the Manchester Baby in 1948, which was the first stored-program machine, to early Android versions from 2011. He’s been gathering these images since 2003.

It’s clearly fun, but what really impressed me was how useful it is. If you teach or work in security, it’s hard to find a collection of old systems you can actually start up. You can show students how operating systems managed memory, permissions, and networking before today’s safety features, and you get to do it on a live system instead of just looking at screenshots.

Here are a few reasons why it stood out to me:

1. Everything is already set up. Running old software is usually a hassle because some systems only work with certain emulator versions or need special patches. Warkentin has already handled all of that, so you don’t have to.
2. The collection is huge. It includes the earliest mainframes and CTSS, many DOS versions, early Windows, classic Mac OS, the Lisa, and even rare hobby systems that most people have never tried.

There is one thing to keep in mind. Most of the images only include the software that originally came with the operating system, like calculators and text editors, so they’re a bit limited at first. Finding old software for systems like CTSS can be tricky. Think of this as a history archive you can use, not a complete app store.

But above all, I think this is a fantastic way to preserve history. A lot of early software has already been lost or can’t be read anymore. Keeping working copies that people can still use helps keep that history alive. If you used any of these systems growing up, try starting one up and see what memories come back. And if you’re a teacher, this could be the best classroom tool you find all year.

https://www.theverge.com/tech/945246/virtual-os-museum-dos-windows-mac-os

#Cybersecurity #InfoSec

 This new agentic AI demo from Apple's WWDC was so cool. Apple Intelligence can now log into your accounts, reset a compromised password, and save the new one so you don’t have to remember it.

This is super important because weak and reused passwords still account for a large share of account breaches, and fixing them has always been a hassle. Most people struggle with password hygiene and rarely reset all their accounts. A tool that handles this for you bridges the gap between knowing you should do it and actually doing it.

Here’s why I think it’s a good idea:

1. It targets the main weakness. Most breaches begin with something simple, like a password that has already leaked elsewhere.

2. It takes away the hassle that keeps people from taking action. The best security tool is the one people actually use.

I do have one quick caution. An agent that can change your credentials is powerful, so it’s important to know how Apple keeps it secure and how quickly you can turn it off. Still, the main idea is solid, and it shows how this technology can really help by handling the security tasks people usually avoid. I hope other password managers add this feature too. And always use MFA!

https://gizmodo.com/apple-intelligence-can-change-your-passwords-for-you-when-you-get-hacked-2000769041

#AI #InfoSec #Cybersecurity #security #privacy #cloud #infosec

For years, we’ve worried about who collects our data. Now, The Washington Post has shown us how it can be used: to charge you as much as it thinks you’ll pay.

The main plaintiff paid $42.40 for a year of the Post in 2024. In 2025, her price jumped to $127.20. Her most recent renewal was $148.40. An algorithm set these prices by analyzing her personal data. She only found out because a New York law requires companies to disclose this practice.

Here are a few details that should concern you:

1. The lawsuit claims the Post created individual profiles from subscribers’ devices and used them to guess the highest price each person would accept.

2. The Post also asks you to link your Amazon account, which gives the pricing system even more of your personal data.

If you ignore the AI buzzwords, this is just old-fashioned price discrimination. The difference is that now the seller knows your income and even your recent browsing history. Most people won’t realize they’re paying a personalized markup, since most states don’t require the kind of disclosure that revealed this case.

If you design these systems, pay close attention to this issue. It’s reasonable to use data to make a product better. But using it to secretly decide who pays more is what courts are now being asked to call deceptive. As disclosure laws spread, it’s wise to set your own standards before regulators do it for you.

https://gizmodo.com/washington-post-sued-over-alleged-surveillance-pricing-after-subscription-prices-jump-dramatically-2000770744

#Privacy #AI #RiskManagement

Google's defense for false AI Overviews: Nobody should blindly trust AI output anyway. And they're right. A German court agreed nobody should trust it, then held Google liable for it regardless.

However, the court found that your product only has value if people trust it. You can't sell a tool that answers with confidence and then tell a judge the answers shouldn't be believed.

Two things from the ruling of note:

1. Search engines get liability protection because surfacing third-party links is unavoidable. The court said AI summaries are optional. Nobody needs them to search the web, so they don't get the same level of protection.

2. Google's AI Overviews on the current Gemini model are wrong about 9% of the time and attach bad source links 56% of the time. Most people never click through to check. Trust, but verify!

Put that together, and a tool like this produces millions of wrong answers a day, and almost nobody verifies them. Which they should. I keep coming back to accountability, companies, and individuals. Someone decided to ship a feature that makes confident, original claims about real businesses and didn't fix them quickly when they were wrong. Additionally, it's up to the end user to always verify the claims. However, the court called it the company's own speech and liability.

If you're adding AI features to your product, the lesson is simple. You own what your tool says. The disclaimer won't save you.

https://arstechnica.com/tech-policy/2026/06/nobody-needs-ai-to-search-the-internet-court-says-in-ruling-against-google/

#AI #RiskManagement #Cybersecurity #TrustButVerify

✨ A sparkle icon appears in an app that no one in IT approved. The help desk can't explain it, and it's already processing your data! This kept coming up in conversations with other CIOs, so I wrote about it in my latest Forbes piece.

The pattern repeats across so many vendors; here are just a few:
・Zoom auto-enabled AI Companion on host accounts, with recordings and full transcripts already defaulted on
・Microsoft 365 Copilot activates for every admin if your tenant holds a single paid license, and opting out means building a special security group
・Google's Workspace Intelligence shipped default-on for Gmail, Drive, Chat, and Calendar, with admin controls lagging the live feature by up to 72 hours
・OpenAI disables connectors by default for Enterprise customers but enables them for Business. Same vendor, opposite defaults.

Every default-on feature just transfers governance work from the vendor to you, along with wiretap exposure and e-discovery sprawl that nobody signed up for.

My ask of vendors is simple: ship AI features off by default and give admins an evaluation window measured in weeks, not days. Until that happens, assume the next AI feature is already live in your tenant. Review your configurations like it's a recurring operational task, because it is.

Full piece here: https://www.forbes.com/councils/forbestechcouncil/2026/06/10/default-on-ai-are-saas-vendors-outsourcing-their-risk-to-you

#RiskManagement #Forbes #ForbesTechnologyCouncil #ForbesTechCouncil #leadership #security #privacy #cloud #infosec #cybersecurity #AI #SaaS  
@forbes @Forbes @forbestechcncl @RHR_International @depaulu #DePaul #DepaulU #DePaulUniversity #DePaulCDM