Cybersecurity workers can also start creating their own Security Copilot AI agents.

Microsoft is launching a Security Store that will be full of security software-as-a-service (SaaS) solutions and AI agents. It’s part of a broader effort to sell Microsoft’s Sentinel security platform to businesses, complete with Microsoft Security Copilot AI agents that can be built by security teams to help tackle the latest threats.

The Microsoft Security Store is a storefront designed for security professionals to buy and deploy SaaS solutions and AI agents from Microsoft’s ecosystem partners. Darktrace, Illumio, Netskope, Perfomanta, and Tanium are all part of the new store, with solutions covering threat protection, identity and device management, and more.

A lot of the solutions will integrate with Microsoft Defender, Sentinel, Entra, Purview, or Security Copilot, making them quick to onboard for businesses that are fully reliant on Microsoft for their security needs. This should cut down on procurement and onboarding times, too.

Alongside the Security Store, Microsoft is also allowing Security Copilot users to build their own AI agents. Microsoft launched some of its own security AI agents earlier this year, and now security teams can use a tool that’s similar to Copilot Studio to build their own. You simply create an AI agent through a set of prompts and then publish them all with no code required. These Security Copilot agents will also be available in the Security Store today.

• Aim Labs has identified a critical zero-click AI vulnerability, dubbed “EchoLeak”, in Microsoft 365 (M365) Copilot and has disclosed several attack chains that allow an exploit of this vulnerability to Microsoft's MSRC team.
• This attack chain showcases a new exploitation technique we have termed "LLM Scope Violation" that may have additional manifestations in other RAG-based chatbots and AI agents. This represents a major research discovery advancement in how threat actors can attack AI agents - by leveraging internal model mechanics.
• The chains allow attackers to automatically exfiltrate sensitive and proprietary information from M365 Copilot context, without the user's awareness, or relying on any specific victim behavior.
• The result is achieved despite M365 Copilot's interface being open only to organization employees.
• To successfully perform an attack, an adversary simply needs to send an email to the victim without any restriction on the sender's email.
• As a zero-click AI vulnerability, EchoLeak opens up extensive opportunities for data exfiltration and extortion attacks for motivated threat actors. In an ever evolving agentic world, it showcases the potential risks that are inherent in the design of agents and chatbots.
• Aim Labs continues in its research activities to identify novel types of vulnerabilities associated with AI deployment and to develop guardrails that mitigate against such novel vulnerabilities.
  Aim Labs is not aware of any customers being impacted to date.
  TL;DR
  Aim Security discovered “EchoLeak”, a vulnerability that exploits design flaws typical of RAG Copilots, allowing attackers to automatically exfiltrate any data from M365 Copilot’s context, without relying on specific user behavior. The primary chain is composed of three distinct vulnerabilities, but Aim Labs has identified additional vulnerabilities in its research process that may also enable an exploit.

A vulnerability in Microsoft Copilot Studio could be exploited to access sensitive information on the internal infrastructure used by the service, Tenable reports.

The flaw, tracked as CVE-2024-38206 (CVSS score of 8.5) and described as a ‘critical’ information disclosure bug, has been fully mitigated, Microsoft said in an August 6 advisory.

Microsoft Copilot for Security will be generally available on April 1st. Read this blog to learn about new productivity research, product capabilities,..

• Shane Jones, who’s worked at Microsoft for six years, has been testing the company’s AI image generator in his free time and told CNBC he is disturbed by his findings.
• He’s warned Microsoft of the sexual and violent content that the product, Copilot Designer, is creating, but said the company isn’t taking appropriate action.
• On Wednesday, Jones escalated the matter, sending letters to FTC Chair Lina Khan and to Microsoft’s board, which were viewed by CNBC.