Everyone needs a Copilot like this.

Mar 29 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily newsletter that protects the fortress like David Koresh.

Today’s hottest cyber security stories:

  • Microsoft launches Security co-pilot tool
  • Russian ‘hacktivists’ unleash cyber-hell on Ukraine’s allies
  • N. Korean ‘APT43’ hacking group targets the U.S., Europe


Microsoft has announced the launch of a cool new tool which will work alongside existing cybersecurity protocol’s from the computing giant.

The company claims that the security program, which was released in a limited preview format yesterday, will provide “end-to-end defence at machine speed and scale”.

It’s powered by OpenAI’s GPT-4 generative AI (or ChatGPT, as we know it – the engine at least) and is likely an attempt to pre-emptively combat the onslaught of phishing attacks expected to commence following OpenAI’s release of ChatGPT in November, 2022.

Security Co-pilot will help security teams and individuals collate data and insights collected by Microsoft’s existing cybersecurity tools, such as Microsoft Sentinel, Defender, and Intune.

OK computer! 

So, listen up, my dear human friend! You won’t believe the things Security Copilot is capable of!

Not only can it sniff out those pesky suspicious logins, but it can even whip up a legit-looking PowerPoint presentation about it!

And get this, it’s not picky either – it’ll happily take all sorts of files, URLs, and code snippets for analysis. It’s like having your own personal detective with a PhD in cybersecurity!

Here’s a video released by Microsoft on YouTube about Security Copilot:

This comes as some welcome positive news in the world of cybersecurity which often seems awash with doomsday predictions, especially following the advent of AI chat tools which, in the wrong hands, could spell curtains for the cybersphere.

And what’s more, it won’t mine your data!

Redmond said its proprietary security-specific model is informed by more than 65 trillion daily signals, emphasising that the tool is privacy-compliant and customer data “is not used to train the foundation AI models.”

“The odds remain stacked against cybersecurity professionals”

Vasu Jakkal, Microsoft’s corporate vice president of security, compliance, identity, and management, said: “Today the odds remain stacked against cybersecurity professionals.”

“Too often, they fight an asymmetric battle against prolific, relentless and sophisticated attackers. To protect their organisations, defenders must respond to threats that are often hidden among noise.”

Microsoft is taking full advantage of AI technology, having just weeks ago launched Microsoft 365 Copilot, integrating AI capabilities within its suite of productivity and enterprise apps such as Office, Outlook, and Teams.

Security Copilot is just the latest in a stream of releases and updates wherein Microsoft has integrated AI into existing services such as Bing, Edge browser, GitHub, LinkedIn, and Skype.

Keep up the good work, guys! We love to see big companies like Microsoft leading the way when it comes to ensuring our cybersecurity.

Good job, Bill!


Okay, do you want the good news first or the bad news?

Let’s go with the good news: the cyberwarfare Russia has been waging alongside the physical war on Ukraine has largely been a failure.

Ukraine’s always the little engine that could, right? So we applaud their resilience (and resistance, generally) in combating Russia’s cyberattacks.

If you can’t beat them, launch cyber attacks at their allies

Now, for the bad news: Enraged that their cyberattacks on Ukraine have fallen flat, they’ve resorted to targeting some of Ukraine’s allies.

Indeed, according to US and French analysts, Moscow is increasingly targeting Kyiv’s European allies, including Poland, along with Nordic and Baltic countries. Bastards!

French defence firm Thales had the following to say on the subject: “These groups of independent, civilian hacktivists have emerged as a new component in the conflict.

“They can be assimilated to a cybercriminal group with specific political objectives and interests, acting out of conviction, yet not directly sponsored by any government.

“Members of such groups have a broad array of origins, technical skills and backgrounds.”

Food for thought, eh? As a closing thought, bear in mind that 60 percent of all cyberattacks worldwide come from Russia. And Microsoft said in a threat assessment earlier this month that Russian actors had launched attacks in at least 17 European countries in the first six weeks of this year.

Geez guys, take a day off.


We’re imminently approaching our word limit in today’s issue, so in the interest of retaining your hard-earned attention, here’s the briefest of rundowns on the latest from Kim Jong No Fun and his cronies over in North Korea.

  • A new North Korean nation-state cyber operator has been identified.
  • Google-owned Mandiant, which is tracking the activity cluster has given them the moniker APT43
  • The group’s motives are both espionage- and financially-motivated
  • Victimology patterns suggest that targeting is focused on South Korea, the U.S., Japan, and Europe
  • “APT43 is a prolific cyber operator that supports the interests of the North Korean regime,” Mandiant researchers said.

State-sanctioned cyberattacks. What a time to be alive! But wait? Are these pesky Russian and North Korean hackers ready for Security Copilot?! Microsoft: hold my beer.

Cheers and stay safe!

So long and thanks for reading all the phish!

Recent articles