KnowBe4, Microsoft partner to enhance email security with AI
The announcement details that KnowBe4 Defend will work alongside Microsoft Defender for Office 365, specifically integrating with its quarantine functionality. This collaboration is part of Microsoft's Integrated Cloud Email Security (ICES) initiative, and it marks the first such partnership in the programme, establishing a new approach for security vendors to work together.
Integrated strategy
According to KnowBe4, the Defend platform is designed to complement Microsoft 365's existing protections by introducing agentic AI methods for advanced inbound threat detection. The integration is intended to allow organisations to retain their investment in Microsoft's security tools while benefiting from an additional, purpose-built layer of threat identification and response. "This new collaboration is driving meaningful innovation in cybersecurity. By combining Microsoft's email and collaboration security infrastructure with KnowBe4's leadership in human risk management and robust threat detection capabilities, organizations can now capitalize on a truly integrated defense strategy that benefits from the unique strengths of both platforms. We look forward to offering this to our global customers to help them enhance their security efforts," said Stuart Clark, VP of Product Strategy, KnowBe4.
Detection and response
The integration creates multiple concurrent layers of analysis, which KnowBe4 states will increase the likelihood of detecting and preventing threats from reaching end users. The combined capability draws on Microsoft Defender for Office 365's quarantine processes and KnowBe4 Defend's AI-based detection mechanisms. The set-up is intended to support existing investments in Microsoft security while enhancing the breadth and depth of threat analysis.
Beyond improving threat identification at the point of entry, the combined platforms provide unified Security Operations Centre (SOC) tools. These are designed to speed up incident investigation, support root cause analysis and enable tactical responses, ultimately offering organisations greater visibility and control over email threats targeting their workforce.
Focus on human risk management
KnowBe4 positions itself as focused on human risk management in the cybersecurity sector. The company states it supports organisations in strengthening their security cultures and managing risks associated with human behaviour. Its AI-driven Human Risk Management platform includes modules for training, compliance, real-time coaching, crowdsourced anti-phishing, and AI-based defence agents, all aimed at empowering employees to make better security decisions.
The company claims to be working with over 70,000 organisations globally, delivering a suite of security tools designed to adapt and respond to evolving cybersecurity threats. The HRM+ platform aims to transform end users into effective components of an organisation's overall security posture through education and active participation in identifying threats.
The ICES ecosystem
The strategic partnership with Microsoft places KnowBe4 as the first vendor to join Microsoft's ICES vendor ecosystem, which seeks to foster collaborations with select security firms. The ICES programme is intended to offer Microsoft 365 customers a broader set of defence capabilities by encouraging interoperability between Microsoft's platforms and specialist security vendors.
With this integration, customers can continue to use Microsoft 365 and Defender for Office 365 services, while having the option to add an extra layer of AI-powered detection and response without duplicating existing resources or disrupting their operational processes.
The collaboration is expected to provide a model for future integration between Microsoft and other security companies within the ICES framework. Both companies have emphasised that the approach is focused on building collective defences to mitigate the risks posed by sophisticated email-based threats.
Follow us on:
Share on:
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
6 hours ago
- Techday NZ
Phishing campaign uses fake Microsoft apps to bypass MFA
Proofpoint has identified a complex phishing campaign using counterfeit Microsoft OAuth applications to evade Multi-Factor Authentication (MFA) and gain illicit access to Microsoft 365 accounts. Tactics and scale The campaign involves threat actors creating deceptive Microsoft OAuth applications that impersonate brands including Adobe, DocuSign, and SharePoint. These apps are used in Attacker-in-the-Middle (AiTM) phishing attacks, with the Tycoon phishing kit being the primary tool for harvesting user credentials and intercepting MFA tokens. Researchers at Proofpoint observed over 50 distinct impersonated applications and nearly 3,000 attempted compromises of Microsoft 365 accounts across more than 900 environments. The confirmed success rate for these attacks has exceeded 50% in 2025. Proofpoint noted that, "Threat actors are creating deceptive Microsoft OAuth applications that impersonate well-known brands such as Adobe, DocuSign, and SharePoint. These malicious apps serve as lures in Attacker-in-the-Middle (AiTM) phishing attacks, primarily utilizing the Tycoon phishing kit, to harvest user credentials and intercept MFA tokens." The attacks target a range of industries, with some campaigns tailor-made for specific sectors. For instance, lures directed at aerospace and defence firms use industry language such as "request-for-quotes" (RFQs) and impersonate services like ILSMart. According to the company, "The attacks are often highly tailored. While many campaigns impersonate general enterprise applications, some are customized to specific industries. For instance, Proofpoint observed lures targeting the aerospace and defense sector, using themes like 'request-for-quotes' (RFQs) and impersonating industry-specific services such as ILSMart." Attack method Each campaign typically begins with phishing emails, often sent from accounts that have already been compromised, containing links to a fraudulent OAuth consent page. Users are encouraged to permit what appear to be routine permissions for a familiar application. Whether permissions are accepted or declined, users are redirected to a fabricated Microsoft login page, frequently incorporating the target organisation's Entra ID branding. The fake login page harvests credentials and intercepts MFA tokens using AiTM techniques, giving attackers full access to Microsoft 365 accounts. "The attack flow typically begins with phishing emails, often sent from compromised accounts, containing links to a malicious OAuth consent page. Users are prompted to 'accept' seemingly benign permissions for the fake application. Regardless of whether permissions are accepted or canceled, the user is redirected to a counterfeit Microsoft login page, often branded with their organization's Entra ID. This page then harvests credentials and intercepts MFA tokens via AiTM techniques, granting attackers access to Microsoft 365 accounts." Use of Tycoon platform Much of the observed malicious activity has links to the Tycoon Phishing-as-a-Service platform. Tycoon is designed to intercept credentials and session cookies in real-time, enabling threat actors to bypass MFA restrictions. Proofpoint's research indicates a shift in operational infrastructure by these groups, moving from Russian proxy services to US-based data centre hosts, in a probable effort to avoid detection. "Much of this activity is linked to the Tycoon Phishing-as-a-Service (PhaaS) platform. Tycoon is widely available to cybercriminals and is designed to intercept credentials and session cookies in real-time, effectively bypassing MFA. Proofpoint also noted a recent shift in the campaign's operational infrastructure, moving from Russia-based proxy services to a U.S.-based data center hosting service, potentially an effort to evade detection." Defensive measures Threat actors are creating increasingly innovative attack chains in an attempt to bypass detections and obtain access to organisations globally. Proofpoint anticipates threat actors will increasingly target users' identity, with AiTM credential phishing becoming the criminal industry standard. Recommendations for mitigation include monitoring and blocking malicious email threats, identifying account takeover attempts and unauthorised resource access, employing solutions that provide rapid detection of account compromise, and using auto-remediation features to limit the time attackers have in a system. Web session isolation and ongoing user education, particularly around recognising suspicious Microsoft 365-related requests, are also important. Proofpoint advises, "Email security: Block and monitor malicious email threats targeting your users. Effective BEC-prevention solutions can greatly minimise practical attack surfaces. Cloud security: Identify account takeover (ATO) and unauthorized access to sensitive resources within your cloud environment. These solutions should provide accurate and timely detection of both the initial account compromise and post-compromise activities, including visibility into abused services and applications. Employ auto-remediation capabilities to reduce attackers' dwell time and potential damages. Web security: Isolate potentially malicious sessions initiated by links embedded in email messages. Security awareness: Educate users to be aware of these risks when using Microsoft 365. FIDO: Consider adopting FIDO-based physical security keys." Anticipated impacts Proofpoint notes that upcoming Microsoft updates for Microsoft 365, scheduled for deployment from July to August 2025, are expected to affect these attack techniques significantly. These changes will block legacy authentication protocols and require administrative consent for third-party app access. Proofpoint stated, "Proofpoint anticipates a positive impact from Microsoft's recent updates to default settings for Microsoft 365. Rolling out from July to August 2025, these changes will block legacy authentication protocols and require admin consent for third-party app access, which are expected to significantly disrupt these attack methods."
1News
8 hours ago
- 1News
Dissolving the nuclear taboo would benefit NZ hugely – but do we have the guts?
OPINION: The AI future will require unprecedented amounts of power, and embracing nuclear energy is an obvious, clean solution that could boost the NZ economy for generations. But do we have a leader with the courage? By Thomas Scrimgeour Artificial Intelligence is transforming our world, though not in the way most people imagine. While the knowledge industry revolution is still around the corner, the warehouse-sized computers driving this innovation can't be built fast enough. Data centres already consume roughly 2% of global electricity, which is more than 10 times New Zealand's annual generation, and this figure is projected to double by 2026. The COL4 AI-ready data centre, on a seven-acre campus, Columbus, Ohio. COL4 spans 256,000 square feet with 50 MW of power across three data halls. (Source: Getty) ADVERTISEMENT Elon Musk's xAI recently built the world's largest supercomputer, 'Colossus,' in 122 days. They then doubled its size in just 92. It now requires the power of a small city to operate, and xAI is turning to non-renewables to supply this insatiable need. Around the world, AI's energy demands are rising faster than clean energy capacity can keep up. In Northern Virginia, a major data centre hub, AI-driven power use is expected to triple by 2029, while clean energy capacity will only double. An opportunity for New Zealand This problem is our opportunity. Countries able to deliver clean, reliable, and affordable energy will be best placed to attract billions in data centre investment. The good news is that we already have a distinct competitive advantage. Nearly 90% of New Zealand's electricity generation is renewable, our temperate climate lowers cooling costs, and we're politically stable with strong privacy protections. The sales pitch writes itself. Global hyperscalers have already noticed. Microsoft has invested $1 billion in New Zealand data centres, and Amazon Web Services plans to spend $7.5 billion on their new data centre in northwest Auckland. But here's the hitch: we might have what the world wants, but we don't have enough of it. ADVERTISEMENT Manapōuri hydro power station (Source: Meridian) Hydroelectricity is great, but we're not about to dam another river. Wind and solar are neat, but in midwinter they contribute very little. When renewables fall short, coal and gas fire up, bringing last winter's power price headlines back to haunt us. We need more generation and innovation. The big four power companies, known as gentailers, both produce and sell electricity to consumers. They aren't investing enough in new generation and critics argue the market incentives aren't there to expand capacity. Paul Fuge from Consumer NZ site Powerswitch puts it bluntly: 'the results we're seeing aren't what you'd expect from a thriving competitive market.' Market reform could help. But the real opportunity lies in increasing power production. The morning's headlines in 90 seconds, including Zelensky's suit becomes hot topic at peace summit, a cold blast on the way, and Auckland FC lures new signing back home. (Source: 1News) Conventional geothermal is our best near-term lever. It already supplies nearly 20% of our electricity and operates 24/7, unlike weather-dependent renewable energy. The best estimates suggest that we have enough active geothermal zones to double our output. I believe supercritical geothermal is the natural next step. It involves drilling five kilometres into the Earth's crust to unlock ten times the power of conventional geothermal. However, supercritical geothermal still faces significant technological hurdles. Commercialisation isn't expected until the late 2030s, and it's unclear how quickly it could scale. ADVERTISEMENT So we need a second pillar of clean energy generation, which brings us to the last swear word in New Zealand politics. Nuclear. (I can already smell the uranium.) David Lange at the Oxford Union debate on nuclear weapons,1985, where the then prime minister quipped to his American opponent that he could 'smell the uranium' on his breath. (Source: TVNZ) Can we turn around the taboo? It's only a strange quirk of history that nuclear power is controversial in New Zealand. It got bundled together with the protest backlash of the 1980s, and we've never quite moved on. The 1978 New Zealand Royal Commission on Nuclear Power was expecting a 'significant nuclear power program in the early part of next century.' Better late than never, I suppose. Although traditional nuclear power is brilliant, high upfront costs and a long build time put it in the too-hard basket, especially given New Zealand's basic revulsion. But nuclear technology is rapidly evolving. Small Modular Reactors (SMRs), one-tenth the size of conventional plants, are on the horizon and could be installed in a fraction of the time. A bold government could break the nuclear taboo in a single term. ADVERTISEMENT The Americans want SMRs by the end of the decade. One company, NuScale, already has regulatory approval. Canada will build four 300-megawatt reactors by the mid-2030s, and Japan is reversing plans to decommission its nuclear power plants. All we need is a leader with the courage to take the first step. A feasibility study to work out the who, when, and where of SMRs could be started today. The first politician to raise the issue will take some heat, but Kiwi voters will reward conviction and enjoy the benefits for generations. Energy abundance is the foundation of every productive economy, and the only road to lasting prosperity. We have the chance to do two big, good things: create a data centre industry for New Zealand and generate enough power to bring down costs for everyday Kiwis. But opportunities like this don't wait around. The time to act is now. Thomas Scrimgeour is a reasearcher at the Maxim Institute, an independent think tank based in Auckland.
Techday NZ
a day ago
- Techday NZ
TrustedTech rebrands to boost Microsoft cloud & AI services
TrustedTech has announced a significant rebrand, outlining its transition from a licensing provider to a comprehensive technology partner focused on Microsoft cloud solutions and IT modernisation. The rebrand accompanies TrustedTech's recognition as a Microsoft Managed Partner, a category held by fewer than 1% of Microsoft's 400,000 global partners. The company states this upgraded status signifies its commitment to delivering secure and scalable solutions built on Microsoft technologies, while enhancing its collaboration with Microsoft for its clients' benefit. Expanded services and enterprise focus Since enhancing its service offerings in 2022, TrustedTech reports that its services revenue has increased eleven-fold. The upsurge is attributed to growing client interest in artificial intelligence adoption, Azure infrastructure migrations, and advanced IT support. The firm's teams, located in both the United Kingdom and United States, now deliver Microsoft Copilot deployments, security hardening, and tailored support to organisations dealing with complex IT environments and merger and acquisition activities. TrustedTech's expanded service portfolio includes Microsoft Copilot implementation, Azure infrastructure tenant migrations, Microsoft 365 optimisation, security enhancements, tailored licensing advisory, and a comprehensive suite of professional services and technical break/fix support, especially targeting businesses undergoing significant organisational change. The company's offerings have broadened beyond Microsoft licensing to incorporate solutions from leading vendors in cybersecurity, disaster recovery, and backup, all of which have experienced marked growth in 2025. Professional services within Modern Work, Azure, and custom solutions have seen a surge of 5.2 times over the past 24 months, contributing to large-scale client transformation projects. Rebrand purpose and leadership perspective "This evolution isn't about a new name and logo, it's about rising to meet the moment. Every part of our rebrand was to allow our current and future customers the ability to access sophisticated technologies while minimizing time-to-value in today's fast-moving technology landscape. It's not just a better version of who we were, but the best form of who we will be for businesses who need a true partner to help them navigate AI adoption, modernize legacy systems, and make smarter, faster technology decisions," said Julian Hamood, Founder of TrustedTech. The company emphasises that as organisations adopt more sophisticated technologies, they often encounter fragmented solutions, increased technical debt, and limited internal capacity. TrustedTech positions itself as a strategic technology partner offering practical support, technical expertise, and guidance to help clients advance IT modernisation initiatives. Across its range of professional services, support offerings, and products, TrustedTech has not only seen eleven-fold growth in service revenue, but a six-fold expansion in its enterprise delivery and support personnel. This positions the firm to support a larger enterprise clientele integrating cloud, security, and continuity services throughout their IT infrastructure. Client outcomes and future direction "Our customers are navigating rapid technology shifts that demand smarter strategies and reliable support. We're committed to empowering IT leaders to confidently adopt AI, optimize cloud environments, and modernize their infrastructure, delivering practical solutions that drive real business outcomes. TrustedTech is here to turn complexity into clarity, so our clients can focus on growth and innovation," added Hamood. TrustedTech's current market footprint extends further into the enterprise sector, aiming to serve organisations seeking integrated support across licensing, security, business continuity, and digital transformation efforts. The firm's teams, comprising highly trained Microsoft architects and engineers, offer expertise in resolving technical challenges, particularly within Microsoft 365 and Azure environments. TrustedTech holds every available designation in the Microsoft Cloud Partner Programme and continues to develop services designed to support businesses through AI adoption, cloud modernisation, and the broader digital transformation journey.
