#Microsoft used its #AI-powered #SecurityCopilot to discover 20 previously unknown vulnerabilities in the #GRUB2, #UBoot, and #Barebox #opensource #bootloaders.
GRUB2 (GRand Unified Bootloader) is the default boot loader for most #Linux distributions, including Ubuntu, while U-Boot and Barebox are commonly used in embedded and #IoT devices.
https://www.bleepingcomputer.com/news/security/microsoft-uses-ai-to-find-flaws-in-grub2-u-boot-barebox-bootloaders/ #ITSec

Microsoft AI Security Copilot Finds Hidden Flaws in GRUB2 and Other Bootloaders

#Cybersecurity #Microsoft #SecurityCopilot #GRUB2 #Uboot #Barebox #AI #OpenSourceSecurity #UEFI #Linux #VulnerabilityResearch

https://winbuzzer.com/2025/04/02/microsoft-ai-security-copilot-finds-hidden-flaws-in-grub2-and-other-bootloaders-xcxwbn/

The North Koreans and Russians have been busy, Insiders abound, and attacker tradecraft continues to evolve!

Catch all this and more in our latest wrap-up of the day's news:

🗞️ https://opalsec.io/daily-news-update-monday-april-1-2025-australia-melbourne/

There are a few noteworthy stories to get across - here's the TL;DR to get you up to speed:

🕵️ North Korean Infiltration: This is way bigger than many think. DPRK nationals are landing jobs inside global companies, gaining privileged access ("keys to the kingdom" level!). DTEX reports active investigations in 7% of their Fortune Global 2000 clients, and CrowdStrike notes nearly 40% of their NK-related IR cases involved insiders. They move fast post-hire, pivoting to supply chains and installing RATs disguised as onboarding. Watch out for highly anomalous login behaviour (like days-long sessions!). Rigorous remote hiring checks (camera on, resume checks, comms style) are crucial.

🎣 ClickFix Tactics by Lazarus: The infamous North Korean group is evolving its 'Contagious Interview' campaign (now dubbed 'ClickFake' by Sekoia). They're targeting crypto job seekers (shifting focus to non-tech roles too!) with fake website/document errors ('ClickFix'). These prompt users to run PowerShell/curl commands, dropping the 'GolangGhost' backdoor. Watch out for lures impersonating giants like Coinbase or Kraken. Sekoia has shared YARA rules – definitely worth checking out.

💻 WordPress MU-Plugin Abuse: Bad actors are getting stealthy by hiding malicious code in WordPress "Must-Use Plugins" (wp-content/mu-plugins/). These execute automatically on every page load without activation, making them hard to spot. Sucuri is seeing redirects to fake browser updates, webshell backdoors fetching code from GitHub, and JS hijackers replacing content or links. Keep those instances patched, clean up unused plugins/themes, and lock down admin accounts (MFA!).

Check out what else happened in the past 24 hours, and subscribe to get each edition straight to your inbox:
📨 https://opalsec.io/daily-news-update-monday-april-1-2025-australia-melbourne/#/portal/signup

#CyberSecurity #InfoSec #ThreatIntelligence #Hacking #DataBreach #Phishing #Malware #WordPress #NorthKorea #Russia #Ukraine #AI #SecurityCopilot #GRUB2 #Bootloaders #InsiderThreat #DataProtection #CyberAttack #infosecurity #cybersecuritynews #ClickFix

Microsoft unveils Microsoft Security Copilot agents and new protections for AI. www.microsoft.com/en-us/securi... #ai #security #microsoft #copilot #securitycopilot #rai #responsibleai

Microsoft unveils Microsoft Se...

Microsoft unveils Microsoft Security Copilot agents and new protections for AI.

https://www.microsoft.com/en-us/security/blog/2025/03/24/microsoft-unveils-microsoft-security-copilot-agents-and-new-protections-for-ai/

#ai #security #microsoft #copilot #securitycopilot #rai #responsibleai

#Microsoft expands #SecurityCopilot with #AI agents

https://technewsro.blog/microsoft-extinde-security-copilot-cu-agenti-ai/

Microsoft's Security Copilot now features AI agents designed to autonomously handle high-volume security tasks

#AI #Microsoft #MicrosoftSecurity #AIAgents #Cybersecurity #SecurityCopilot #AIinCybersecurity #CybersecurityUpdates

https://winbuzzer.com/2025/03/24/microsoft-expands-security-copilot-with-ai-agents-to-automate-cyber-defense-xcxwbn/

Don't think @malwarejake shared this on the Fediverse

#DoINeedSecurityCoPilot #SecurityCoPilot

𝐂𝐨𝐩𝐢𝐥𝐨𝐭 𝐟𝐨𝐫 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲: 𝐞𝐥𝐞𝐦𝐞𝐧𝐭𝐬 𝐨𝐟 𝐚𝐧 𝐞𝐟𝐟𝐞𝐜𝐭𝐢𝐯𝐞 𝐩𝐫𝐨𝐦𝐩𝐭

From the "Get started with Microsoft Copilot for Security" online training, I highlight this interesting in-depth analysis.

𝐄𝐟𝐟𝐞𝐜𝐭𝐢𝐯𝐞 𝐩𝐫𝐨𝐦𝐩𝐭𝐬 give Copilot adequate and useful parameters to generate a valuable response. Security analysts or researchers should include the following elements when writing a prompt.

💡 𝐆𝐨𝐚𝐥 - specific, security-related information that you need

💡𝐂𝐨𝐧𝐭𝐞𝐱𝐭 - why you need this information or how you'll use it

💡𝐄𝐱𝐩𝐞𝐜𝐭𝐚𝐭𝐢𝐨𝐧𝐬 - format or target audience you want the response tailored to

💡𝐒𝐨𝐮𝐫𝐜𝐞 - known information, data sources, or plugins Copilot should use

At this link other prompting tips:

https://learn.microsoft.com/en-us/training/modules/security-copilot-getting-started/5-create-effective-prompts

Full training: https://learn.microsoft.com/en-us/training/paths/security-copilot-and-ai/

#copilot #copilotforsecurity #securitycopilot #microsoft #microosoftsecurity #llm #openai #azureopenai #llmapps #soc #generativeai #genai #cybersecurity #azure #cloudsecurity #cloudnative #defender #sentinel #microsoftsentinel #xdr #defenderxdr #prompt #promptengineering

𝐇𝐨𝐰 𝐌𝐃𝐓𝐈 𝐇𝐞𝐥𝐩𝐬 𝐏𝐨𝐰𝐞𝐫 𝐂𝐨𝐩𝐢𝐥𝐨𝐭 𝐟𝐨𝐫 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲

A critical aspect of any security analyst's work is keeping up to date with the latest developments in the threat landscape. Copilot for Security allows users to make simple requests known as prompts to learn about threat actors, tools, indicators of compromise (IoCs), and threat intelligence related to their organization's security incidents and alerts.

Below, are three important scenarios the MDTI plugin on Copilot for Security helps teams with:

✔The Reactive approach

➡ Emphasizes investigations and enhancing threat intelligence enrichment and additional context for the entities involved in the incident.

✔The Proactive approach

➡Emphasizing the ability to detect and address threats targeting organizations like mine. It uses threat intelligence to prioritize incidents, trace possible intrusions, and expedite mitigation of misconfigurations and vulnerable software, while simultaneously assessing the organization's impact and posture against specific threats.

✔Keeping up with the latest threat intelligence Trends

➡Detecting emerging threats by analyzing articles and trends, and subsequently disseminating relevant threat data.

https://techcommunity.microsoft.com/t5/microsoft-defender-threat/how-mdti-helps-power-copilot-for-security/ba-p/3973731

#copilot #copilotforsecurity #securitycopilot #microsoftsecurity #microsoft #azure #cyber #cybersecurity #threatintellitence #ti #mdti #defender #defenderthreatintelligence #soc #investigation #cloudsecurity #ai #genai #generativeai #azureopenai #openai

𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐂𝐨𝐩𝐢𝐥𝐨𝐭: 𝐭𝐡𝐞 𝐚𝐫𝐭 𝐨𝐟 𝐩𝐫𝐨𝐦𝐩𝐭𝐢𝐧𝐠 𝐟𝐨𝐫 𝐞𝐟𝐟𝐢𝐜𝐢𝐞𝐧𝐭 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐢𝐧𝐯𝐞𝐬𝐭𝐢𝐠𝐚𝐭𝐢𝐨𝐧 𝐬𝐮𝐦𝐦𝐚𝐫𝐢𝐞𝐬

Security Copilot employs promptbooks—a series of user-input-driven prompts that analyze cybersecurity threats. Every interaction within Security Copilot, be it an individual prompt or a promptbook, generates a session. These sessions, which are storable and shareable within your workspace.

Generating a summary within Security Copilot can vary in complexity and detail, influenced by how you craft your prompt.

More details:

https://techcommunity.microsoft.com/t5/microsoft-security-copilot-blog/leveraging-generative-ai-for-efficient-security-investigation/ba-p/4049630

#ai #genai #security #copilot #securitycopilot #microsoft #microsoftsecurity #azure #xdr #soc #llm #cybersecurity #prompt #prompting #promptengineering #promptbooks #securityincident #hunting #triage

Get the e-book, 𝐓𝐡𝐞 𝐏𝐚𝐭𝐡 𝐭𝐨 𝐀𝐈: 𝐏𝐚𝐯𝐞 𝐭𝐡𝐞 𝐰𝐚𝐲 𝐟𝐨𝐫 𝐩𝐨𝐰𝐞𝐫𝐟𝐮𝐥 𝐜𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐀𝐈 𝐰𝐢𝐭𝐡 𝐢𝐧𝐭𝐞𝐠𝐫𝐚𝐭𝐞𝐝 𝐗𝐃𝐑 𝐚𝐧𝐝 𝐒𝐈𝐄𝐌

You'll find information about:

➡ 𝐓𝐡𝐞 𝐏𝐚𝐭𝐡 𝐭𝐨 𝐀𝐈: how integrated XDR and SIEM can help organizations prepare for using generative AI cybersecurity tools such as Microsoft Security Copilot.

➡𝐓𝐡𝐞 𝐂𝐡𝐚𝐥𝐥𝐞𝐧𝐠𝐞𝐬 𝐨𝐟 𝐂𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲: the common problems that security teams face, such as increasing attacks, expanding attack surfaces, talent shortage, and tool complexity.

➡𝐓𝐡𝐞 𝐁𝐞𝐧𝐞𝐟𝐢𝐭𝐬 𝐨𝐟 𝐈𝐧𝐭𝐞𝐠𝐫𝐚𝐭𝐞𝐝 𝐗𝐃𝐑 𝐚𝐧𝐝 𝐒𝐈𝐄𝐌: how combining XDR and SIEM can provide end-to-end visibility, speed, accuracy, and efficiency for security operations, as well as reducing costs and risks.

➡𝐓𝐡𝐞 𝐏𝐨𝐭𝐞𝐧𝐭𝐢𝐚𝐥 𝐨𝐟 𝐆𝐞𝐧𝐞𝐫𝐚𝐭𝐢𝐯𝐞 𝐀𝐈: Microsoft Security Copilot, the first generative AI security analysis tool, and how it can amplify security operations with natural language prompts, insights, guidance, and predictions.

➡𝐓𝐡𝐞 𝐍𝐞𝐱𝐭 𝐒𝐭𝐞𝐩𝐬 𝐭𝐨 𝐓𝐚𝐤𝐞: exploring deployment options and learn more about Microsoft’s SIEM and XDR solutions and Security Copilot.

https://info.microsoft.com/ww-landing-the-path-to-ai.html

#generativeai #genai #ai #xdr #siem #defenderxdr #defender #sentinel #soar #cybersecurity #cloudnative #cloudsecurity #security #copilot #securitycopilot #microsoft #microsoftsecurity #soc

𝐍𝐞𝐰 𝐮𝐬𝐞 𝐜𝐚𝐬𝐞𝐬 𝐟𝐨𝐫 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐂𝐨𝐩𝐢𝐥𝐨𝐭

📣 The new use cases for Security Copilot now extend beyond investigations in your security operations center to support various security necessities for organizations seeking to strengthen their security against cyberthreats.

➡Device management

➡Identity management

➡Data security

➡Cloud security

➡External attack surface management

📣Security Copilot is expanding into embedded experiences across various Microsoft Security solutions!

https://www.microsoft.com/en-us/security/blog/2023/12/06/microsoft-security-copilot-drives-new-product-integrations-at-microsoft-ignite-to-empower-security-and-it-teams/

#copilot #security #securitycopilot #llm #ai #genai #openai #microsoft #microsoftsecurity #cybersecurity #intune #purview #entraid #soc #xdr #siem #soar #cloud #cloudnative #cloudsecurity #sentinel #microsoftsentinel #cnapp #defenderforcloud #defender #easm #threatintelligence

𝐍𝐞𝐰 𝐮𝐬𝐞 𝐜𝐚𝐬𝐞𝐬 𝐟𝐨𝐫 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐂𝐨𝐩𝐢𝐥𝐨𝐭

📣 The new use cases for Security Copilot now extend beyond investigations in your security operations center to support various security necessities for organizations seeking to strengthen their security against cyberthreats.

➡Device management

➡Identity management

➡Data security

➡Cloud security

➡External attack surface management

📣Security Copilot is expanding into embedded experiences across various Microsoft Security solutions!

https://www.microsoft.com/en-us/security/blog/2023/12/06/microsoft-security-copilot-drives-new-product-integrations-at-microsoft-ignite-to-empower-security-and-it-teams/

#copilot #security #securitycopilot #llm #ai #genai #openai #microsoft #microsoftsecurity #cybersecurity #intune #purview #entraid #soc #xdr #siem #soar #cloud #cloudnative #cloudsecurity #sentinel #microsoftsentinel #cnapp #defenderforcloud #defender #easm #threatintelligence

𝐇𝐨𝐰 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐂𝐨𝐩𝐢𝐥𝐨𝐭 𝐰𝐨𝐫𝐤𝐬

https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/how-microsoft-security-copilot-works/ba-p/3988604

Video: https://youtu.be/0lg_derTkaM

#securitycopilot #copilot #microsoft #ai #genai #llm #cybersecurity #defender #xdr #siem #soar #automation #soc #cloud #cloudsecurity #ai #entra #purview #intune #gpt #gpt4 #threatintelligence #prompt

𝗔𝗻𝗻𝗼𝘂𝗻𝗰𝗶𝗻𝗴 𝗻𝗲𝘄 𝗖𝗡𝗔𝗣𝗣 𝗰𝗮𝗽𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 𝗶𝗻 𝗗𝗲𝗳𝗲𝗻𝗱𝗲𝗿 𝗳𝗼𝗿 𝗖𝗹𝗼𝘂𝗱

At Ignite 2023, we are excited to announce new innovations in Microsoft Defender for Cloud that will help security admins strengthen their CNAPP deployment, improve the cloud security posture through additional code to cloud insights, and protect cloud-native applications across multicloud environments in a unified solution:

➡ Unified insights from Microsoft Entra Permissions Management (CIEM) to enable comprehensive risk mitigation

➡Enhanced attack path analysis engine to swiftly pinpoint critical risks across clouds

➡Accelerated critical risk remediation with Microsoft Security Copilot integration

➡Integrated security across multiple DevOps platforms

Extended protection for cloud workloads

➡Improved API Security Posture

➡Go beyond workload protection – detect and respond to threats across the enterprise in a unified platform

More details:

https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/announcing-new-cnapp-capabilities-in-defender-for-cloud/ba-p/3981941

#cnapp #devops #api #protection #ciem #cwp #cspm #defender #defenderforcloud #azure #gcp #aws #cloud #cloudnative #cloudprotection #cloudsecurity #multicloud #microsoft #microsoftsecurity #soc #ignite #microsoftignite #permissionmanagement #ai #mitre #copilot #securitycopilot #vulnerability

Today, we are thrilled to announce the next major step in this industry-defining vision: combining the power of leading solutions in security information and event management (𝐒𝐈𝐄𝐌), extended detection and response (𝐗𝐃𝐑), and generative AI for security into the first 𝐔𝐧𝐢𝐟𝐢𝐞𝐝 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐬 𝐏𝐥𝐚𝐭𝐟𝐨𝐫𝐦..

https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/introducing-a-unified-security-operations-platform-with/ba-p/3983341

#microsoft #microsoftdefender #microsoftdefenderxdr #xdr #siem #soar #sentinel #microsoftsentinel #ai #aisecurity #cybersecurity #soc #genai #generativeai #gpt #azure #microsoftecurity #soc #analyst #copilot #securitycopilot #ignite #microsoftignite #kql

In our preview of Microsoft #SecurityCopilot, customers reported saving up to 40% of their security analysts’ time on foundational tasks like investigation and response, threat hunting, and threat intelligence assessments 🛡️🔐 #Cyberdefense

https://www.microsoft.com/en-us/security/blog/2023/11/08/insights-from-microsoft-security-copilot-early-adopters/?utm_content=buffer86db0&utm_medium=social&utm_source=bufferapp.com&utm_campaign=buffer

#Microsoft announces #SecurityCopilot early access program https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-security-copilot-early-access-program/

Has anyone had a chance to play with the preview of Security Copilot? I'm curious of people's thoughts on it.

#security #microsoft #securitycopilot