Creating Insecure AI Assistants With Microsoft Copilot Studio Is Easy | Live From Black Hat USA 2024

Microsoft claims 50,000 organizations are using its new Copilot Creation tool, but researcher Michael Bargury demonstrated at Black Hat USA ways it could unleash insecure chatbots. [TechWeb]( Follow Dark Reading: [RSS]( August 08, 2024 LATEST SECURITY NEWS & COMMENTARY [Creating Insecure AI Assistants With Microsoft Copilot Studio Is Easy]( Microsoft claims 50,000 organizations are using its new Copilot Creation tool, but researcher Michael Bargury demonstrated at Black Hat USA ways it could unleash insecure chatbots. [Dark Reading News Desk Live From Black Hat USA 2024]( The Dark Reading team once again welcomes the world's top cybersecurity experts to the Dark Reading News Desk live from Black Hat USA 2024. Tune into the livestream. [Hunters International Disguises SharpRhino RAT as Legitimate Network Admin Tool]( The RaaS group that distributes Hive ransomware delivers new malware impersonating as validly signed network-administration software to gain initial access and persistence on targeted networks [Chameleon Banking Trojan Makes a Comeback Cloaked as CRM App]( The evolving malware is targeting hospitality and other B2C workers in Canada and Europe with capabilities that can evade Android 13 security restrictions. [Russia's Priorities in Prisoner Swap Suggest Cyber Focus]( At least two Russian nationals serving prison sentences for cybercrime offenses, Vladislav Klyushin and Roman Seleznev, were released as part of the landmark prisoner swap. [SaaS Apps Present an Abbreviated Kill Chain for Attackers]( Black Hat presentation reveals adversaries don't need to complete all seven stages of a traditional kill chain to achieve their objectives. [Critical Apache OFBiz Vulnerability Allows Preauth RCE]( The enterprise resource planning platform bug CVE-2024-38856 has a vulnerability-severity score of 9.8 out of 10 on the CVSS scale and offers a wide avenue into enterprise applications for cyberattackers. [Fortune 50 Co. Pays Record-Breaking $75M Ransomware Demand]( The runaway success of an upstart ransomware outfit called "Dark Angels" may well influence the cyberattack landscape for years to come. [Creating Insecure AI Assistants With Microsoft Copilot Studio Is Easy]( Microsoft claims 50,000 organizations are using its new Copilot Creation tool, but researcher Michael Bargury demonstrated at Black Hat USA ways it could unleash insecure chatbots. [Cyberattack Strikes the Grand Palais RMN; Impact Appears Limited]( Everyone expected some kind of cyberattack during the Olympics. If this is the best they've got, the bad guys don't deserve a spot on the podium. [The API Security Crisis: Why Your Company Could Be Next]( You're only as strong as your weakest security link. [How Regional Regulations Shape Global Cybersecurity Culture]( Ultimately, a more cyber-secure world requires a global governing body to regulate and campaign for cybersecurity, with consistent regulatory requirements in the various regions around the world. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [China's APT41 Targets Taiwan Research Institute for Cyber Espionage]( The state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and related technologies. [20K Ubiquiti IoT Cameras & Routers Are Sitting Ducks for Hackers]( In the cloud, patches disseminate automatically. On your computer, you get notified. IoT devices, meanwhile, can escape attention for years on end. [Preparing for the Future of Post-Quantum Cryptography]( The AI boom and increasing popularity of quantum computing necessitates quantum-resilient security. [MORE]( PRODUCTS & RELEASES [Verizon Business 2024 Mobile Security Index Reveals Escalating Risks in Mobile and IoT Security]( [Votiro Unveils New Data Privacy Features and Integrations]( [Dataprise Acquires Phoenix IT Adding Cyber Incident Response & Remediation Services]( [Cybersecurity Industry Leaders Launch the Cyber Threat Intelligence Capability Maturity Model]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Rockwell PLC Security Bypass Threatens Manufacturing Processes]( A security vulnerability in Rockwell Automation's ControlLogix 1756 programmable logic controllers, tracked as CVE-2024-6242, could allow tampering with physical processes at plants. LATEST FROM THE EDGE [Monitoring Changes in KEV List Can Guide Security Teams]( The number of additions to the Known Exploited Vulnerabilities catalog is growing quickly, but even silent changes to already-documented flaws can help security teams prioritize. LATEST FROM DR TECHNOLOGY [Knostic Wins 2024 Black Hat Startup Spotlight Competition]( During a "Shark Tank"-like final, each startup's representative spent five minutes detailing their company and product, with an additional five minutes to take questions from eight judges from Omdia, investment firms, and top companies in cyber. LATEST FROM DR GLOBAL [Cyberattack Strikes the Grand Palais RMN; Impact Appears Limited]( Everyone expected some kind of cyberattack during the Olympics. If this is the best they've got, the bad guys don't deserve a spot on the podium. WEBINARS - [Securing Your Cloud Assets]( - [The Rise of AI-Powered Malware and Application Security Best Practices]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [How to Use Threat Intelligence to Mitigate Third-Party Risk]( - [Managing Third-Party Risk Through Situational Awareness]( - [5 Critical Controls for World-Class OT Cybersecurity]( - [Tracking the Untrackable: Taking a Proactive Approach to Emerging Risks]( - [The Forrester Wave™: External Threat Intelligence Service Providers, Q3 2023]( - [Google Threat Intelligence]( - [2024 InformationWeek US IT Salary Report]( [View More White Papers >>]( FEATURED REPORTS - [Managing Third-Party Risk Through Situational Awareness]( - [2024 InformationWeek US IT Salary Report]( [View More Dark Reading Reports >>]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=125044&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Weekly_08.08.24&sp_cid=54621&utm_content=DR_NL_Dark%20Reading%20Weekly_08.08.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#4b If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)