A (14:08)

Kept us very busy for a few months. Microsoft Direct Send is a feature in Exchange Online that allows devices or applications like printers or scanners to send emails directly to recipients inside your organization without authenticating through a mailbox and, I repeat, without requiring any authentication at all. So what happens is, once an attacker abuses this feature, the victim receives an email that appears to come from themselves. To create the urgency. Like typical phishing attacks and so on, the attackers frame the message as a missed call or a fax and include a QR code in as the attachment, asking the user to scan or to retrieve the message in some way or another. Basically, boom. Credentials are Stolen. Right. So in the past few months we've been swamped with cases where this direct send feature was enabled without anyone realizing what that really means. Essentially, it's like leaving the front door wide open for attackers. So threat actors actually figured out they can use the setup to send spoofed emails that bypass security controls without ever logging or touching the tenant. And the impact in multiple incidents was sometimes even scary. Like we had to contain compromises of dozens accounts. Attackers in some cases managed to log on to some customer's entra ID and pivoted into administrative apps, expanding their reach and then sends it and then really stealing sensitive data.

B (15:41)

What's the rationale for the functionality itself? What's the good side of this?

A (15:48)

The good side of it? I think it's basically to allow devices that cannot authenticate to send you messages within the organization. But I think if you think this through, you should allow that only from internal endpoints and not necessarily from anyone over the Internet. Right. So the idea was just for devices that cannot support different authentication mechanisms.

B (16:11)

Well, when you're out and about and you have to explain what the current cyber threat landscape looks like and you're talking to non technical people, how do you describe it?

A (16:21)

So I'd say the cyber threat landscape today is even more hyper focused than ever before on humans as the weakest link. Look, it's dominated by AI powered phishing and identity takeovers. Attackers have dozens of ways to succeed using just these two vectors. Right? And you can add ransomware as a service and supply chain compromises. And I think this is what really gets you threats all laser focused on one thing, which is the data, the most expensive digital asset there is.

B (16:56)

And what has you most concerned? What are the things that you're seeing emerging that are on your radar?

A (17:02)

So without a doubt, the threats against AI and those emerging because of its extensive use. Right now I'm going to try to break this down to explain why this is more complex than we imagine. So not long ago, before AI took the center stage, we were in a relatively comfortable position. We understood the core principles of security and how to apply them across different technologies. We train an entire generation of developers on secure coding best practices, we quote, unquote, mastered software and hardware risk modeling. And most importantly, we understood those technologies as attack surface inside out. But with AI, that's no longer the case. Right now, as far as I see it, at least there are two, let's say, concerning trends that are happening simultaneously. On one side, we are witnessing a wave of developers pushing products of all Kinds to market at incredible speed thanks to AI driven development. But what they lack is the deep understanding of secure coding principles. And this might create a regression in security knowledge compared to the pre AI era. And then there is the other side of it, which is the world is adopting AI across almost every domain at a pace far faster than our ability to understand AI as an attack surface. And yes, research exists, vulnerabilities are documented, but we're barely scratching the surface. So Ben, comes my biggest concern. How do we investigate an incident that occurs entirely within an AI ecosystem? What investigation artifacts will matter beyond just the prompt and attacker to model interactions? And then what happens when there will come a day, and I think it's just a matter of time when an LLM trained on the most sensitive business data of my organization is stolen and I have extremely limited ability to trace the full chain of events. So in my eyes, I think this is one of the major topics to be concerned about.

B (19:15)

Help me understand how you as a practitioner separate the hype from the reality when it comes to AI. Because you know, we see we're being bombarded with marketing messages about AI, about the power of AI, about the vulnerabilities of AI, but you're in the middle of this, doing the actual work. How do you separate the signal from the noise?

A (19:39)

Right? So first of all, you gotta have a lot of hands on experience with AI to really understand what it can and can't do. And from our research and from general experience within the operation, we also utilize AI to some extent and we understand that AI by itself is not really a plug and play product that you can simply provide a prompt to and things will happen. Things will, the magic will happen. Right. With AI, you have to provide sometimes even a lot of context, right? You have to set clear boundaries as to what you want the AI to do and what you don't want the AI to do and even really limit the kind of roles you want the AI to play in your operation. It could be anything, could be a product, could be just automation, pure automation you would like to orchestrate and turn to a fully automatic flow. Right? So we have to set the boundaries and we have to understand that AI is not always consistent and deterministic when it comes to vague or ambiguous prompts and roles that we give it.

B (20:49)

Do you have any examples, any real world use cases where AI has either prevented or maybe mitigated a major incident?

A (20:57)

It happens more than we think, let's say. Right. A lot of security products nowadays use AI for various use cases such as Threat detection, classification, enrichment and so on. These are like the most common ones that we typically see in our domain, the cybersecurity domain. And from my experience, AI has already proven its value many times. I've seen AI driven systems block compromised domain accounts or attempting password resets for lateral movement. I've also seen AI classifying ransomware threats based on known and unknown file extensions and file system activity, so essentially containing the encryption in a relatively short time. So this is magic. Some people with less experience could call this magic. But I think it's also worth talking about what it takes to make it so good and precise. Because like I said before, AI is far from being just pure plug and play as of today, and especially in cybersecurity domain, like I said before, AI and LLMs on their own are still neither fully autonomous nor deterministic enough to inspire complete trust that we would justify relying solely on AI as a defense mechanism. And this raises the question about how to shape an AI driven defense strategy. Like we have to somewhat consider using AI and try to prepare for the tomorrow, because the threat landscape is evolving very quickly also thanks to AI. So first and foremost, even for AI, the context really matters. Sometimes we really have to provide heavy context to AI to understand what is the role and what we want to do here. So it's critical for these models because they need to understand, for example, in detection engineering, what is more significant and what is less. There is multiple ways to do that, but while some might call the context a bias, it's actually necessary to reduce the hallucinations and poor decisions, those that in the hindsight we would consider to be pretty bad. So because the model lacked sufficient context or knowledge to make the best decision for whatever the situation, I think this begs the question, where does AI truly shine as a critical security function? Either within my operation or within my security stack. So at this stage at least, AI primarily acts as a force multiplier for human teams monitoring the infrastructure, and in some cases even takes on decision making roles such as whether to respond to a threat or how to respond to that threat. And we know that when you provide AI with enough context and clear rules and very specific responsibility boundaries, that's where it really outperforms human operators. And for example, predictive threat detection platforms typically use some form of machine learning model, which often really helps with the explainability. This explainability introduces a kind of healthy bias for this AI model, allowing it to really whether a certain anomaly is malicious or not in a more deterministic way, and even choose from a predefined set of actions on how to respond.

B (24:08)

So you're really confident here that these tools are useful and there's a positive future for them?

A (24:16)

Absolutely, yeah.

B (24:18)

You know, looking at the big picture, what do you think is the low hanging fruit? What are some of the easier things that an organization can do to improve their security posture?

A (24:32)

So you're not going to be surprised at all. But you can start because, you know, easy wins. I think it has to be common and known to everyone. It's just a decision whether to do that or not. But I would say you can start by protecting your identities. Apply multi factor authentication wherever possible and for a strict offboarding process, which means to really disable and remove stale accounts quickly to reduce the risk. And the next relatively quick win is to patch aggressively because if you don't really protect your identity, well, the second, I would say most, the easiest attack vector would be to just get in through unpatched systems.

B (25:14)

What's your advice for the security leaders out there who are preparing for this AI driven future, these AI driven threats? What are your words of wisdom?

A (25:24)

There's a saying by our CEO Jaqui Fedelson that I really like AI security. This is what he says all the time. AI security is data security. What that means is simple. AI systems eventually are inseparable from data. They consume the data they process and generate. So AI runs on data and really learns massive data set during the training process and it continues to handle sensitive inputs in production. It's always about data, right? So what makes data an integral part of the attack surface is the fact that AI is based on this sole parameter. So my advice to security leaders is just put your data in order. Know where your data lives, what's sensitive and what your AI models can access. Because if data is not secure, your AI isn't secure either.

B (26:19)

That's Rotem Sadak, Director of Security Operations and Forensics at Varonis. What's your 2am Security worry? Is it, do I have the right controls in place? Maybe are my vendors secure? Or the one that really keeps you up at night? How do I get out from under these old tools and manual processes? That's where Vantage comes in. Vanta automates the manual work so you can stop sweating over spreadsheets, chasing audit evidence and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data and simplifies your security at scale. And it fits right into your workflows. Using AI to streamline evidence collection, flag risks and keep your program audit ready all the time. With Vanta, you get everything you need to move faster, scale confidently, and finally, get back to sleep. Get started@vanta.com cyber that's V A N T A dot com cyber.

C (27:39)

At Capella University, learning online doesn't mean learning alone. You'll get support from people who care about your success, like your enrollment specialist who gets to know you and the goals you'd like to achieve. You'll also get a designated academic coach who's with you throughout your entire program. Plus, career coaches are available to help you navigate your professional goals. A different future is closer than you think with Capella University. Learn more at Capella Eduardo and finally.

B (28:17)

For months, local governments guarded Google's projected data center water use in Botator County, Virginia, as though the numbers were national security secrets rather than estimates about H2O. Each agency redacted the figures, insisting they were proprietary because Google said so. The founder of local newspaper the Roanoke Rambler disagreed and, armed with an $86 filing fee and a stubborn streak, took the Western Virginia Water Authority to court. Judge Lisa Cifoni sided with transparency, ruling that water usage estimates are not corporate property and that the public has a right to know what its government plans to pump into billion dollar data center projects. She noted that disclosing consumption only after Google signs on the dotted line is effectively useless. The victory may be temporary. Google, worried competitors might reverse engineer its data center strategy from water totals, is urging an appeal. The Water Authority now appears ready to fight on, sending the case toward the Virginia Court of Appeals, where judges may soon decide whether mere gallons can truly be treated as trade secrets. And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead of the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.

A (30:52)

Hey, Ryan Reynolds here wishing you a very happy half off holiday because right now Mint Mobile is offering you the gift of 50% off unlimited. To be clear, that's half price, not half the service. Mint is still premium unlimited wireless for a great price. So that means a half day. Yeah, give it a try@mintmobile.com Switch up.

B (31:15)

Front payment of $45 for three month.

A (31:16)

Plan equivalent to $15 per month required new customer offer for first three months only. Speed slow hacker 35 gigabytes of networks busy taxes and fees extra. C mint mobile.com.