Microsoft isn’t disclosing this so: M365 Copilot allowed users to access files without producing an audit log. All you had to do was ask Copilot to not link to the file. You don’t even have to ask; it sometimes just happens. If your org uses Copilot your audit log is likely wrong

Don’t worry SOC analysts, AI isn’t going to take your job just yet.

Every single person who replied “guide” to this should be permabanned to the shadow realm (LinkedIn)

Think you’re going to exfiltrate company data from the inside? This guy and a couple billion Gemini tokens are going to catch you.

Apparently $1/user/month is considered a massive investment.

If you don’t know how, it’s a button in Purview that always seems to move every time I look. Just go there and click around randomly until you find it.

Please turn on automatic sensitivity labels for emails. The “cost” is that users will see a little orange shield in Outlook. The benefit is that your audit log becomes actually useful.

Ngl, all the other parts of cybersecurity I’ve come across are lowkey easy. I thought it’d be the same for malware. It’s just code, and I know code. Turns out they don’t even give you the code!

Dear @Fortinet post token use

Hey @TrendMicro post token use

I’ll go first. Today Presence used about 60m tokens so far. Not a lot, but enough to prove we’re doing a real thing given that we launched only a few days ago.

Should I start tagging vendors to ask them to post token use?

Any cybersecurity vendor claiming “AI threat detection” should have to post their token usage.

Never make a joke about AI or they’ll ruin your feed with whatever the hell this is until you repent. I’m sorry @nikitabier I promise I won’t do it again I just want cybersecurity content back.

Copilot in Excel is a global financial crisis waiting to happen.

Went ahead and bought evilmcp[.]com so I can make an evil mcp server for fun.

People are worried about protecting against prompt injections while using MCP tools. My brother in christ, MCP is a prompt injection.

Way more companies than expected turned on the free trial, so it turns out finance team might be right.

The design team has figured out that if they ask permission I’ll say no, but if they just do it I’ll appreciate it. (Mine has blue Powerade because that’s the only thing I drink)

The end. I think of this every single Christmas now, and probably will for many years to come.

After that, I put down some serious processes. One person takes lead. Another takes communication. Designated people who can report issues, to avoid the flood of chaos. We ran those processes dozens of times after, and never had an issue like this again.