🌈 Social 📸 Photography 🌈

LMG SecurityNew AI Security Risk Uncovered in Microsoft 365 CopilotA zero-click vulnerability has been discovered in Microsoft 365 Copilot—exposing sensitive data without any user interaction. This flaw could allow attackers to silently extract corporate data using AI-integrated tools.If your organization is adopting AI in productivity platforms, it’s time to get serious about AI risk management: • Conduct a Copilot risk assessment • Monitor prompt histories and output • Limit exposure of sensitive data to AI tools • Update your incident response plan for AI-based threatsAI can boost productivity, but it also opens new doors for attackers. Make sure your cybersecurity program keeps up. Contact our LMG Security team if you need a risk assessment or help with AI policy development.Read the article: <a href="https://www.bleepingcomputer.com/news/security/zero-click-ai-data-leak-flaw-uncovered-in-microsoft-365-copilot/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/zero-click-ai-data-leak-flaw-uncovered-in-microsoft-365-copilot/</a><a href="https://infosec.exchange/tags/AISecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#AISecurity</a> <a href="https://infosec.exchange/tags/Microsoft365" class="mention hashtag" rel="nofollow noopener" target="_blank">#Microsoft365</a> <a href="https://infosec.exchange/tags/Copilot" class="mention hashtag" rel="nofollow noopener" target="_blank">#Copilot</a> <a href="https://infosec.exchange/tags/ZeroClick" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroClick</a> <a href="https://infosec.exchange/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#DataLeak</a> <a href="https://infosec.exchange/tags/CyberRisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberRisk</a> <a href="https://infosec.exchange/tags/LMGSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#LMGSecurity</a> <a href="https://infosec.exchange/tags/AItools" class="mention hashtag" rel="nofollow noopener" target="_blank">#AItools</a> <a href="https://infosec.exchange/tags/ShadowAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#ShadowAI</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/RiskManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#RiskManagement</a> <a href="https://infosec.exchange/tags/SMB" class="mention hashtag" rel="nofollow noopener" target="_blank">#SMB</a> <a href="https://infosec.exchange/tags/CEO" class="mention hashtag" rel="nofollow noopener" target="_blank">#CEO</a> <a href="https://infosec.exchange/tags/CISO" class="mention hashtag" rel="nofollow noopener" target="_blank">#CISO</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#IT</a>

LMG SecurityAI is the new attack surface—are you ready?From shadow AI to deepfake-driven threats, attackers are finding creative ways to exploit your organization’s AI tools, often without you realizing it.Watch our new 3-minute video, How Attackers Target Your Company’s AI Tools, for advice on: ▪️ The rise of shadow AI (yes, your team is probably using it!) ▪️ Real-world examples of AI misconfigurations and account takeovers ▪️ What to ask vendors about their AI usage ▪️ How to update your incident response plan for deepfakes ▪️ Actionable steps for AI risk assessments and inventoriesDon’t let your AI deployment become your biggest security blind spot.Watch now: <a href="https://youtu.be/R9z9A0eTvp0" rel="nofollow noopener" translate="no" target="_blank">https://youtu.be/R9z9A0eTvp0</a><a href="https://infosec.exchange/tags/AIsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#AIsecurity</a> <a href="https://infosec.exchange/tags/ShadowAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#ShadowAI</a> <a href="https://infosec.exchange/tags/Deepfakes" class="mention hashtag" rel="nofollow noopener" target="_blank">#Deepfakes</a> <a href="https://infosec.exchange/tags/AItools" class="mention hashtag" rel="nofollow noopener" target="_blank">#AItools</a> <a href="https://infosec.exchange/tags/CyberRisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberRisk</a> <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/SMB" class="mention hashtag" rel="nofollow noopener" target="_blank">#SMB</a> <a href="https://infosec.exchange/tags/CEO" class="mention hashtag" rel="nofollow noopener" target="_blank">#CEO</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/GenAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#GenAI</a> <a href="https://infosec.exchange/tags/DataPrivacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#DataPrivacy</a> <a href="https://infosec.exchange/tags/Cyberaware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cyberaware</a> <a href="https://infosec.exchange/tags/CISO" class="mention hashtag" rel="nofollow noopener" target="_blank">#CISO</a>

Jan Wildeboer 😷:krulorange:After the great "success" of <a href="https://social.wildeboer.net/tags/ShadowIT" class="mention hashtag" rel="nofollow noopener" target="_blank">#ShadowIT</a>: Introducing <a href="https://social.wildeboer.net/tags/ShadowAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#ShadowAI</a> — where employees will feed tons of highly sensitive and internal data and code to some LLM (Large Language Model) like <a href="https://social.wildeboer.net/tags/ChatGPT" class="mention hashtag" rel="nofollow noopener" target="_blank">#ChatGPT</a> in the vague hope of becoming more productive or finally getting that promotion. Without any kind of review or approval. This will get people fired. Le sigh. So, so predictable.

Jan Wildeboer 😷:krulorange:The Next Big Thing after <a href="https://social.wildeboer.net/tags/ShadowIT" class="mention hashtag" rel="nofollow noopener" target="_blank">#ShadowIT</a> (IT resources like Cloud capacity or using software that is not officially part of IT) — <a href="https://social.wildeboer.net/tags/ShadowAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#ShadowAI</a>. People/groups/companies using “AI” stuff without telling anyone to make life easier. This is dangerous stuff IMHO. How about your doctor or health insurance using ChatGPT to speed up diagnosis/paperwork? Ouch. <a href="https://inflecthealth.medium.com/im-an-er-doctor-here-s-what-i-found-when-i-asked-chatgpt-to-diagnose-my-patients-7829c375a9da" rel="nofollow noopener" target="_blank">https://inflecthealth.medium.com/im-an-er-doctor-here-s-what-i-found-when-i-asked-chatgpt-to-diagnose-my-patients-7829c375a9da</a>

Recent searches

Search options

Administered by:

Server stats:

#shadowai