Microsoft Cracks Down on Malicious Copilot AI Use

According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services.

Follow Dark Reading:

January 14, 2025

LATEST SECURITY NEWS & COMMENTARY Microsoft Cracks Down on Malicious Copilot AI Use According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services. Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results Threat actors are targeting people searching for pirated or cracked software with fake downloaders that include infostealing malware such as Lumma and Vidar. Cloud Attackers Exploit Max-Critical Aviatrix RCE Flaw The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware. Telefonica Breach Exposes Jira Tickets, Customer Data The Hellcat ransomware group has stolen roughly 5,000 documents, potentially containing confidential information, from the telecom giant's internal database. The Shifting Landscape of Open Source Security By focusing on vigilant security practices, responsible AI deployment, and alignment with global regulatory standards, the OSS community can make 2025 a transformative year for security. (Sponsored Article) 5 Reasons It's Time to Unify Your Tool Set Security operations platforms claim they can resolve challenges of efficiency and siloed security. Is it time for to consider making the switch? MORE NEWS / MORE COMMENTARY HOT TOPICS Fake CrowdStrike 'Job Interviews' Become Latest Hacker Tactic Cybercriminals are luring victims into downloading the XMRig cryptomining malware via convincing emails, inviting them to schedule fake interviews using a malicious link. Threat Actors Exploit a Critical Ivanti RCE Bug, Again New year, same story. Despite Ivanti's commitment to secure-by-design principles, threat actors — possibly the same ones as before — are exploiting its edge devices for the nth time. The Path Toward Championing Diversity in Cybersecurity Education To build a truly inclusive and diverse cybersecurity workforce, we need a comprehensive approach beyond recruitment and retention. New AI Challenges Will Test CISOs & Their Teams in 2025 CISOs need to recognize the new threats AI can present — while also embracing AI-powered solutions to stay ahead of those threats. MORE PRODUCTS & RELEASES Grupo Bimbo Ventures Announces Investment in NanoLock Security K2 Secures Navy SeaPort Next Generation Contract CISA Releases the Cybersecurity Performance Goals Adoption Report MORE PRODUCTS & RELEASES EDITORS' CHOICE Banshee 2.0 Malware Steals Apple's Encryption to Hide on Macs The most recent iteration of the open source infostealer skates by antivirus programs on Macs, using an encryption mechanism stolen from Apple's own antivirus product. LATEST FROM THE EDGE Name That Edge Toon: Greetings and Salutations Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card. LATEST FROM DR TECHNOLOGY 1Password Acquires SaaS Access Management Provider Trelica The deal will enhance 1Password Extended Access Management offering with capabilities to address challenges around software-as-a-service sprawl and shadow IT. LATEST FROM DR GLOBAL Chinese APT Group Is Ransacking Japan's Secrets Since 2019, MirrorFace has been stealing information from myriad Japanese organizations to gain leverage over Japan in the event of hostilities between the two countries, experts said. WEBINARS The Artificial Future Trend Micro Security Predictions for 2025 Preventing Attackers From Wandering Through Your Enterprise Infrastructure View More Dark Reading Webinars >> WHITE PAPERS 4 Best Practices for Hybrid Security Policy Management Social Engineering: New Tricks, New Threats, New Defenses IDC Analyst Brief: Enhancing Incident Response with Automated Investigation Workflows From security alert to action: Accelerating incident response with automated investigations Top 10 CI/CD Security Risks: The Technical Guide Frost Radar: Cloud Security Posture Management, 2024 The State of Cloud Native Security Report 2024 View More White Papers >> FEATURED REPORTS The State of Firewall Security: Challenges, Risks, and Solutions for Modern Networks Industrial Networks in the Age of Digitalization Effective Asset Management Is Critical to Enterprise Cybersecurity View More Dark Reading Reports >>

Dark Reading Daily -- Published By Dark Reading Operated by TechTarget, Inc. and its subsidiaries, 275 Grove Street, Newton, Massachusetts, 02466 US To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2025 | TechTarget, Inc. | Privacy Statement | Terms & Conditions | Contact Us