Articles of interest from the week of November 6, 2023

Copilot Is Ready for Takeoff: Microsoft Rolls Out Artificial Intelligence for Windows

AI is coming to desktops everywhere -- is your security team ready for it? Beginning with its October security updates, Microsoft has begun a staged rollout of built-in artificial intelligence in the form of Copilot for Windows. (CSO)

“AI, exemplified by Microsoft Copilot for Windows, is altering the technological landscape. However, it raises security concerns, as a study disclosed that 40% of Copilot-generated code exhibited vulnerabilities. Consequently, it is crucial for organizations to develop AI policies and assess security implications in light of the increasing prevalence of AI within Microsoft's products.” – Andrew Tucker, Senior Analyst at Ingalls Information Security

Cybersecurity Leaders Spooked by SEC Lawsuit Against SolarWinds CISO

In a development sparking chatter and debate through the cybersecurity world, the lawsuit filed by the U.S. Securities and Exchange Commission (SEC) against the Chief Information Security Officer (CISO) of SolarWinds is leaving CISOs across the industry spooked and reevaluating their roles. (SecurityWeek)

BlueNoroff Hackers Backdoor Macs With New ObjCShellz Malware

The North Korean-backed BlueNorOff threat group targets Apple customers with new macOS malware tracked as ObjCShellz that can open remote shells on compromised devices. (BleepingComputer)

Microsoft Authenticator Suppresses Suspicious MFA Notifications

Microsoft has quietly rolled out a new mechanism that shields users of its mobile Authenticator app from suspicious (and annoying) push notifications triggered by attackers. (Help Net Security)

New State of Phishing Report 2023: An Alarming Surge in Phishing Threats

The fight against cyber threats remains a top priority for all organizations, including phishing attacks. SlashNext just released its much-anticipated annual "State of Phishing Report for 2023." This report sheds light on the alarming surge in phishing threats across email, web, and mobile channels. We will delve into the key findings and insights from the report, highlighting the growing influence of generative AI tools in cybercriminal activities. (KnowBe4)