CSO Online

New backdoor ‘SesameOp’ abuses OpenAI Assistants API for stealthy C2 operations

Microsoft uncovers a months-long campaign where threat actors used OpenAI’s legitimate API as a covert command-and-control ...

OpenAIのAPIがハッカーのバックドアに悪用されているとMicrosoftの研究 ...

Microsoftのサイバー脅威対応チームであるDetection and Response ...
Yahoo

Microsoft down: Outage was caused by cyber attack, company says

Microsoft’s latest outage was the result of an attempted hack, it has said. On Tuesday, some of its apps were knocked offline in an intentional cyber attack, Microsoft said in an update. The company’s ...
CSOonline

ChatGPT API flaws could allow DDoS, prompt injection attacks

OpenAI-owned ChatGPT might have a vulnerability that could allow threat actors to launch distributed denial of service (DDoS) attacks on unsuspecting targets. According to a discovery made by German ...
CNN

Microsoft alerts businesses and governments to attacks on SharePoint servers

Microsoft has issued an alert about “active attacks” on server software used by government agencies and businesses to share documents within organizations and recommended security updates that ...
Reuters

Microsoft alerts businesses, governments to server software attack

WASHINGTON, July 20 (Reuters) - Microsoft (MSFT.O), opens new tab has issued an alert about "active attacks" on server software used by government agencies and businesses to share documents within ...
Dark Reading

Phishers Wreak 'Havoc,' Disguising Attack Inside SharePoint

A complex phishing campaign is targeting Microsoft SharePoint accounts with malicious documents aimed at getting users to compromise themselves by deploying a PowerShell command. The attack is a ...
Redmond Magazine

Security Firm Reveals Voice Phishing Attack Targeting Microsoft Teams

Security researchers at Ontinue's Cyber Defense Center have uncovered a complex, multi-stage cyberattack that leveraged social engineering, remote access tools and signed binaries to infiltrate and ...