SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Friday, June 13th, 2025: Honeypot Scripts; EchoLeak MSFT Copilot Vuln; Thunderbolt mailbox URL Vuln;
Jun 13, 2025
Dive into the world of cybersecurity with an intriguing discussion on honeypot scripts and automated tools for DShield investigations. Discover the alarming EchoLeak vulnerability in Microsoft 365 Copilot that allowed zero-click data leaks. The podcast also unpacks a Thunderbolt vulnerability where unsuspecting users could be tricked into downloading malicious files via deceptive email links. This episode highlights the urgency of user awareness and the importance of keeping software updated to fend off these threats.
AI Snips
Chapters
Transcript
Episode notes
Learning From Honeypot Scripts
- Look at honeypot scripts as inspiration for your own scripting projects.
- Learn how data is extracted to improve your skills with similar datasets.
Microsoft Copilot Vulnerability Insight
- Microsoft 365 Copilot struggles to differentiate user instructions from document content.
- This confusion allows attackers to control Copilot and exfiltrate data via image links.
Update Thunderbird Against Mailbox Exploit
- Update Thunderbird promptly to avoid mailbox:/// URL exploits.
- Beware that mailbox:// URLs can trigger malicious file downloads or credential leaks.