2.5 Admins

2.5 Admins 251: OversharePoint

4 snips
Jun 12, 2025
The podcast dives deep into the potential misuse of Microsoft's Copilot AI in SharePoint, raising major data security concerns. A new metric from NIST aims to help prioritize exploited vulnerabilities effectively. Listeners are introduced to impressive SBCs, including the Odroid H4 Plus and the versatile Banana Pi BPI-R4 Pro router, showcasing powerful features. Additionally, the complexities of setting up a NAS with four disks are discussed, clarifying misconceptions about RAID configurations and emphasizing the importance of data backup strategies.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
INSIGHT

Copilot AI Exploitation Risks

  • Microsoft's Copilot AI can be exploited to access sensitive SharePoint documents without triggering audit logs.
  • Attackers can phrase queries cleverly to bypass restrictions and extract confidential info like passwords.
INSIGHT

Social Engineering in AI Queries

  • Social engineering techniques trick AI agents into revealing sensitive info by framing requests as helpful.
  • Adding careful phrasing biases AI to produce more useful but potentially risky responses.
INSIGHT

AI Complicates Auditing Practices

  • AI agents accessing data in real-time complicate proper auditing due to extensive file access and indistinct data sourcing.
  • Audit logs can overflow as AI may read many files simultaneously to answer queries.
Get the Snipd Podcast app to discover more snips from this episode
Get the app