Living off Microsoft Copilot - Exploiting AI for Red Team Operations

Explore a comprehensive analysis of Microsoft Copilot's potential for post-compromise exploitation in this 42-minute Black Hat conference talk. Discover how hackers can leverage Copilot plugins to install backdoors, enabling data theft and AI-based social engineering. Learn about circumventing built-in security controls using AI and the introduction of LOLCopilot, a red-teaming tool for ethical hacking in M365 Copilot-enabled tenants. Gain insights into detection and hardening techniques to protect against malicious insiders and threat actors with Copilot access. Presented by cybersecurity experts from Zenity, this talk offers a deep dive into the practical implications of AI-assisted hacking and essential countermeasures.