AI-Fueled Cyber Threats Outpacing Defenses
Key Questions
What is the Iran-linked campaign targeting Microsoft 365?
Iran-linked Gray Sandstorm/Pay2Key conducted password spraying against 300+ Israeli M365 organizations. EvilTokens PhaaS enabled 340+ takeovers via similar tactics.
What is the Copilot RAG vulnerability CVE-2025-32711?
CVE-2025-32711 affects 73% of Copilot RAG implementations, leaving them vulnerable to prompt injection and data poisoning. Best practices include multi-layer scanning and enterprise AI security measures.
How does Microsoft Defender for O365 handle false positives?
Defender O365 sometimes incorrectly flags trusted senders as high-confidence phishing despite secure-by-default protections. Users report issues with malware classification.
What is SafePaste and its role in AI security?
SafePaste Enterprise is an AI DLP tool that intercepts and sanitizes pastes, preventing data leaks. It demos quick deployment for enterprise use.
How is Check Point supporting non-E5 Teams licenses?
Check Point enhanced support for Microsoft Teams with non-E5 licenses, improving security for standard plans. This addresses gaps in basic deployments.
What are Mandiant's observations on AI cyber threats?
Mandiant reports ClickFix and vishing as rising tactics in AI-fueled attacks that are outpacing defenses. Tenant sprawl and data loss risks are highlighted.
How do Sentinel and Defender XDR improve SOC operations?
Microsoft Sentinel and Defender XDR enable modern security operations for SOC teams, integrating AI threat detection. They counter AI-powered threats like password spraying.
What best practices secure AI in enterprises like Island/Purview?
Use Island/Purview for data loss prevention, enable MFA, and address tenant sprawl. Focus on RAG security and file upload sanitization in CI/CD.
Iran-linked password spraying against 300+ Israeli M365 organizations (Gray Sandstorm/Pay2Key); EvilTokens PhaaS M365 takeovers (340+); Mandiant on ClickFix/vishing; Copilot RAG CVE-2025-32711 (73% vulnerable); Defender O365 false positives; SafePaste AI DLP; Check Point Teams non-E5 support; tenant sprawl; Sentinel/Defender XDR for SOC; Island/Purview.