Sos Sosowski (@sos@mastodon.gamedev.place)
mastodon.gamedev.place
Attached: 1 image So, Microsoft is silently installing Copilot onto Windows Server 2022 systems and this is a disaster. How can you push a tool that siphons data to a third party onto a security-critical system? What privileges does it have upon install? Who thought this is a good idea? And most importantly, who needs this? #infosec #security #openai #microsoft #windowsserver #copilot

  • lud
    52·
    2 months ago

    Yes that’s because pretty much all companies use AD and exchange is also popular (but less so now with exchange online)

    Both are also extremely valuable for companies and thus attackers.

    Ransomware attacks pretty much always rely on missconfiguration and/or social engineering.