security — 2025-11

3 result(s)

• security: ​​Securing critical infrastructure: Why Europe’s risk-based regulations matter
  2025-11-05 · security · timeframe: 2025-11 · tags: cybersecurity, Europe, EU legislation, risk-based regulation, critical infrastructure, CISO, compliance

  The article explains how new European Union risk-based legislation helps CISOs strengthen cybersecurity for critical infrastructure by encouraging organizations to assess and prioritize risks, align controls with regulatory expectations, and build more resilient systems.

  • Source: Microsoft Security Blog

• security: ​​Learn what generative AI can do for your security operations center
  2025-11-04 · security · timeframe: 2025-11 · tags: generative AI, security operations center, SOC, alert fatigue, threat hunting, Microsoft Security, e-book, cybersecurity

  A new Microsoft Security Blog e-book explains how generative AI can improve security operations centers (SOCs) by reducing alert fatigue, accelerating triage and investigation, enabling proactive threat hunting, and more to boost SOC efficiency and effectiveness.

  • Source: Microsoft Security Blog

• security: SesameOp: Novel backdoor uses OpenAI Assistants API for command and control
  2025-11-03 · security · timeframe: 2025-11 · tags: SesameOp, backdoor, OpenAI, Assistants API, command-and-control, C2, Microsoft DART, cybersecurity

  Microsoft DART researchers identified a novel backdoor, dubbed SesameOp, that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. A component of the backdoor uses the Assistants API as a storage/relay to fetch commands and execute tasks inside compromised environments, avoiding traditional C2 methods.

  • Source: Microsoft Security Blog