Attached: 1 image
So, Microsoft is silently installing Copilot onto Windows Server 2022 systems and this is a disaster.
How can you push a tool that siphons data to a third party onto a security-critical system?
What privileges does it have upon install? Who thought this is a good idea? And most importantly, who needs this?
#infosec #security #openai #microsoft #windowsserver #copilot
Yes that’s because all companies pretty much use AD and exchange is also popular (but less so now with exchange online)
Both are also extremely valuable for companies and thus attackers.
Ransomware attacks pretty much always rely on missconfiguration and/or social engineering.