
New Warning — Microsoft Copilot AI Can Access Restricted Passwords
Hackers have used Copilot AI to extract passwords from Microsoft SharePoint.
As the name implies, Pen Test Partners is a company that specializes in security consulting, specifically penetration testing. These are professional hackers who find the same routes into your systems that the most advanced attackers would look to exploit. Those threat actors are increasingly using AI-powered attacks, so it makes sense for red team hackers to do likewise. And that, dear reader, is what happened when Pen Test Partners took a close look at how Microsoft's Copilot AI for SharePoint could be exploited. The results were, to say the least, concerning. Not least because a passwords file sitting beside an encrypted spreadsheet, a file SharePoint had, quite rightly, refused to let the hackers open no matter what method they employed, was broken wide open when they asked the Copilot AI agent to go and get it. 'The agent then successfully printed the contents,' Jack Barradell-Johns, a red team security consultant with the security company, said, 'including the passwords allowing us to access the encrypted spreadsheet.'
AI can be a force for good when it comes to security protections, but also, increasingly, a force for bad. The latter has recently been exemplified in a multi-stage AI-driven attack against Microsoft Teams users, for example.
I would strongly recommend reading the full report for all the details of how the red team hackers exploited Copilot AI for SharePoint during their engagement, but I want to focus on the access to passwords, as that's what has really grabbed my attention, and should grab yours as well.
Barradell-Johns explained that during the engagement, the red teamers encountered a file named passwords.txt, located adjacent to an encrypted spreadsheet containing sensitive information. Naturally, they tried to access the file. Just as naturally, Microsoft SharePoint said nope, no way. 'Notably,' Barradell-Johns said, 'in this case, all methods of opening the file in the browser had been restricted.'
So, what did the red team hackers do? Apply the red team hacking mindset and ask the Copilot AI for SharePoint agent to go and get it instead. 'The agent then successfully printed the contents,' Barradell-Johns reported, 'including the passwords allowing us to access the encrypted spreadsheet.' The download restrictions that form part of SharePoint's restricted view protections were circumvented, and the content of the Copilot chat could be freely copied.
I reached out to Microsoft, and a spokesperson said:
'SharePoint information protection principles ensure that content is secured at the storage level through user-specific permissions and that access is audited. This means that if a user does not have permission to access specific content, they will not be able to view it through Copilot or any other agent. Additionally, any access to content through Copilot or an agent is logged and monitored for compliance and security.'
I then contacted Ken Munro, founder of Pen Test Partners, who issued the following statement addressing the points made in Microsoft's response.
'Microsoft are technically correct about user permissions, but that's not what we are exploiting here. They are also correct about logging, but again it comes down to configuration. In many cases, organisations aren't typically logging the activities that we're taking advantage of here. Having more granular user permissions would mitigate this, but in many organisations data on SharePoint isn't as well managed as it could be. That's exactly what we're exploiting. These agents are enabled per user, based on licenses, and organisations we have spoken to do not always understand the implications of adding those licenses to their users.'
And, you'd better believe, if there are any configuration holes, then Copilot AI will find them.
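Munro's point is that the access Microsoft says is logged only helps if someone is actually collecting and reading those logs. The script below is an added example, not code from Pen Test Partners, Microsoft or this article: it triages a Microsoft 365 unified audit log export for files that were surfaced to a user through a Copilot interaction, flagging sensitive-looking filenames such as passwords.txt and files the user never opened directly (the pattern described above, where the browser refused the file but the agent printed it). The `CopilotInteraction` operation name and the `CopilotEventData.AccessedResources` fields follow my understanding of Microsoft's Copilot audit schema but are assumptions here, and the sample records are constructed.

```python
"""
Triage a Microsoft 365 unified audit log export for Copilot-mediated file access.

Assumptions (this example's, not the article's or Microsoft's documentation):
  - each record is one parsed AuditData object as exported from the unified audit log;
  - Copilot prompts appear as Operation "CopilotInteraction" with a
    CopilotEventData.AccessedResources list of {Name, SiteUrl, Type} entries;
  - direct opens appear as FileAccessed / FilePreviewed / FileDownloaded with ObjectId = file URL.
"""
import json
import re
from collections import defaultdict

# Constructed sample records (not a real export).  Alice opened budget.xlsx herself,
# then a Copilot prompt surfaced both budget.xlsx and passwords.txt; Bob only ever
# saw roadmap.docx through Copilot.
SAMPLE_RECORDS = [
    {"Operation": "FileAccessed", "UserId": "alice@contoso.example",
     "CreationTime": "2025-05-01T09:00:00",
     "ObjectId": "https://contoso.example/sites/finance/Shared Documents/budget.xlsx"},
    {"Operation": "CopilotInteraction", "UserId": "alice@contoso.example",
     "CreationTime": "2025-05-01T09:05:00",
     "CopilotEventData": {"AppHost": "SharePoint", "AccessedResources": [
         {"Name": "passwords.txt", "Type": "File",
          "SiteUrl": "https://contoso.example/sites/finance"},
         {"Name": "budget.xlsx", "Type": "File",
          "SiteUrl": "https://contoso.example/sites/finance"}]}},
    {"Operation": "CopilotInteraction", "UserId": "bob@contoso.example",
     "CreationTime": "2025-05-01T10:30:00",
     "CopilotEventData": {"AppHost": "SharePoint", "AccessedResources": [
         {"Name": "roadmap.docx", "Type": "File",
          "SiteUrl": "https://contoso.example/sites/product"}]}},
]

DIRECT_OPS = {"FileAccessed", "FilePreviewed", "FileDownloaded"}
# Filenames that usually hold secrets; extend to match your own naming conventions.
SENSITIVE_NAME = re.compile(
    r"(passw(or)?d|secret|credential|api[-_]?key|\.pem$|\.key$|\.kdbx$)", re.IGNORECASE)


def is_sensitive_name(name: str) -> bool:
    return bool(SENSITIVE_NAME.search(name))


def _basename(url: str) -> str:
    return url.rstrip("/").rsplit("/", 1)[-1]


def direct_file_access(records):
    """Map user -> set of lower-cased file basenames the user opened directly."""
    seen = defaultdict(set)
    for r in records:
        if r.get("Operation") in DIRECT_OPS:
            seen[r["UserId"].lower()].add(_basename(r["ObjectId"]).lower())
    return seen


def copilot_findings(records):
    """Return one finding per file surfaced via Copilot that deserves a look."""
    direct = direct_file_access(records)
    findings = []
    for r in records:
        if r.get("Operation") != "CopilotInteraction":
            continue
        user = r["UserId"].lower()
        for res in r.get("CopilotEventData", {}).get("AccessedResources", []):
            if res.get("Type") != "File":
                continue
            name = res.get("Name", "")
            reasons = []
            if is_sensitive_name(name):
                reasons.append("sensitive filename")
            if name.lower() not in direct[user]:
                # The agent read it, but this user never opened it in the browser:
                # exactly the restricted-view bypass worth checking permissions for.
                reasons.append("surfaced only via Copilot")
            if reasons:
                findings.append({"time": r.get("CreationTime"), "user": user, "file": name,
                                 "site": res.get("SiteUrl"), "reasons": reasons})
    return findings


def copilot_users(records):
    """Users with any Copilot activity: the list to reconcile against licence grants."""
    return sorted({r["UserId"].lower() for r in records
                   if r.get("Operation") == "CopilotInteraction"})


def load_audit_export(path):
    """Load a JSON-lines export where each line is one AuditData object."""
    with open(path, encoding="utf-8") as fh:
        return [json.loads(line) for line in fh if line.strip()]


if __name__ == "__main__":
    for f in copilot_findings(SAMPLE_RECORDS):
        print(f"{f['time']} {f['user']} {f['site']}/{f['file']}: {', '.join(f['reasons'])}")
    print("Users with Copilot activity (check licences):", ", ".join(copilot_users(SAMPLE_RECORDS)))
```

Run it against a real export by replacing `SAMPLE_RECORDS` with `load_audit_export("audit.jsonl")`. The "surfaced only via Copilot" reason is deliberately noisy on its own; its value is in combination with the filename heuristic and with a review of whether the flagged files carried restricted-view settings that the agent path did not honour.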