{
	"id": "41c5b25f-cade-454d-b447-3dfc4696d185",
	"created_at": "2026-04-06T00:21:34.605769Z",
	"updated_at": "2026-04-10T03:24:29.073165Z",
	"deleted_at": null,
	"sha1_hash": "ee03878bcbd1119d95edbaa47cd2a135b67cc76a",
	"title": "AI and agents Insights | Microsoft Security Blog",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 242402,
	"plain_text": "AI and agents Insights | Microsoft Security Blog\r\nPublished: 2026-04-02 · Archived: 2026-04-05 17:55:13 UTC\r\nAI and machine learning help you identify threats sooner and respond more effectively. Learn how to safeguard\r\nyour infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS) resources\r\nacross multicloud and hybrid environments.\r\nFiltered by\r\nClear All\r\nAI and agents\r\nRefine results\r\nSort By\r\nContent Type\r\nhttps://cloudblogs.microsoft.com/microsoftsecure/2017/11/06/mitigating-and-eliminating-info-stealing-qakbot-and-emotet-in-corporate-networks/\r\nPage 1 of 3\n\nTopic\r\nProducts and services\r\nPublish date\r\nThreat actor abuse of AI accelerates from tool to cyberattack surface\r\nGenerative AI is upgrading cyberattacks, from 450% higher phishing click‑through rates to industrialized\r\nMFA bypass.\r\nApplying security fundamentals to AI: Practical advice for CISOs\r\nRead actionable advice for CISOs on securing AI, managing risk, and applying core security principles in\r\ntoday’s AI‑powered environment.\r\nIdentity security is the new pressure point for modern cyberattacks\r\nRead the latest Microsoft Secure Access report for insights into why a unified identity and access strategy\r\noffers strong modern protection.\r\nGoverning AI agent behavior: Aligning user, developer, role, and organizational intent\r\nThis research report explores the layers of agent intent and how to align them for secure enterprise AI\r\nadoption.\r\nCTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents\r\nExcerpt: CTI-REALM is Microsoft’s open-source benchmark for evaluating AI agents on real-world\r\ndetection engineering—turning cyber threat intelligence (CTI) into validated detections.\r\nSecure agentic AI end-to-end\r\nIn this agentic era, security must be woven into, and around, every layer of the AI estate.\r\nNew tools and guidance: Announcing Zero Trust for AI\r\nMicrosoft introduces Zero Trust for AI, adding a new AI pillar to its workshop, enhanced reference\r\narchitecture, updated guidance, and a new assessment tool.\r\nNew Microsoft Purview innovations for Fabric to safely accelerate your AI transformation\r\nAs organizations adopt AI, security and governance remain core primitives for safe AI transformation and\r\nacceleration.\r\nhttps://cloudblogs.microsoft.com/microsoftsecure/2017/11/06/mitigating-and-eliminating-info-stealing-qakbot-and-emotet-in-corporate-networks/\r\nPage 2 of 3\n\nDetecting and analyzing prompt abuse in AI tools\r\nHidden instructions in content can subtly bias AI, and our scenario shows how prompt injection works,\r\nhighlighting the need for oversight and a structured response playbook.\r\nSecure agentic AI for your Frontier Transformation\r\nWe are announcing the next step to make Frontier Transformation real for customers across every industry\r\nwith Wave 3 of Microsoft 365 Copilot, Microsoft Agent 365, and Microsoft 365 E7: The Frontier Suite.\r\nSource: https://cloudblogs.microsoft.com/microsoftsecure/2017/11/06/mitigating-and-eliminating-info-stealing-qakbot-and-emotet-in-corporat\r\ne-networks/\r\nhttps://cloudblogs.microsoft.com/microsoftsecure/2017/11/06/mitigating-and-eliminating-info-stealing-qakbot-and-emotet-in-corporate-networks/\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://cloudblogs.microsoft.com/microsoftsecure/2017/11/06/mitigating-and-eliminating-info-stealing-qakbot-and-emotet-in-corporate-networks/"
	],
	"report_names": [
		"mitigating-and-eliminating-info-stealing-qakbot-and-emotet-in-corporate-networks"
	],
	"threat_actors": [
		{
			"id": "aa73cd6a-868c-4ae4-a5b2-7cb2c5ad1e9d",
			"created_at": "2022-10-25T16:07:24.139848Z",
			"updated_at": "2026-04-10T02:00:04.878798Z",
			"deleted_at": null,
			"main_name": "Safe",
			"aliases": [],
			"source_name": "ETDA:Safe",
			"tools": [
				"DebugView",
				"LZ77",
				"OpenDoc",
				"SafeDisk",
				"TypeConfig",
				"UPXShell",
				"UsbDoc",
				"UsbExe"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434894,
	"ts_updated_at": 1775791469,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/ee03878bcbd1119d95edbaa47cd2a135b67cc76a.pdf",
		"text": "https://archive.orkl.eu/ee03878bcbd1119d95edbaa47cd2a135b67cc76a.txt",
		"img": "https://archive.orkl.eu/ee03878bcbd1119d95edbaa47cd2a135b67cc76a.jpg"
	}
}