LinkedIn

The Flight Recorder SOCs Have Not Built-AI Security Operations Trilogy

The AI security conversation in 2026 has converged on a comfortable consensus. We have inventoried the agents. We have written the prompt-injection detections. We have onboarded the Copilot audit logs ...
GitHub

Doot-Workspaces/grounded-mcp

A grounded Claude-Code distribution of the Microsoft 365 MCP — based on hvkshetry/office-365-mcp-server, extended with safety hooks, credential guard, outbound format discipline, runtime verification, ...
LinkedIn

Transforming Security Investigations with GitHub Copilot, Microsoft Sentinel Data Lake and Model Context Protocol (MCP)

5. 𝗣𝗿𝗼𝘃𝗶𝗱𝗲𝗱 𝗮 𝗳𝗶𝗻𝗮𝗹 𝗿𝗶𝘀𝗸 𝗮𝘀𝘀𝗲𝘀𝘀𝗺𝗲𝗻𝘁 with separate verdicts for VPN activity (LOW ...
Microsoft

Disrupting threats targeting Microsoft Teams

The extensive collaboration features and global adoption of Microsoft Teams make it a high-value target for both cybercriminals and state-sponsored actors. Threat actors abuse its core capabilities – ...
GitHub

Remotely Control a compromised Windows Device from your Outlook Mailbox.

Elastic Security Labs has discovered active intrusions in the wild using SIESTAGRAPH. SIESTAGRAPH interacts with Microsoft’s GraphAPI for command and control using Outlook and OneDrive. Check out ...
Microsoft

FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines

FinFisher is such a complex piece of malware that, like other researchers, we had to devise special methods to crack it. We needed to do this to understand the techniques FinFisher uses to compromise ...