Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/111785181190085578">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 20-Jan-2024 08:21:50 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20240926225417.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/111785112067775092" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p>I agree with <a href="https://cybervillains.com/@alex">@alex</a> here, Microsoft needs to do a much more public disclosure. </p><p>Microsoft staff use Microsoft 365 email with Exchange Online. Eg I was gossi@microsoft.com. </p><p>I think MS needs to explain to M365 customers how mailboxes were accessed via password spraying. </p><p><a href="https://cybervillains.com/@alex/111784898390473171" rel="nofollow noreferrer">https://cybervillains.com/@alex/111784898390473171</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2609876#notice-5170079">In conversation</a><time datetime="2024-01-20T08:21:50+09:00" title="Saturday, 20-Jan-2024 08:21:50 JST">about 10 months ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/111785181190085578" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/111785181190085578">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: cdn-dynmedia-1.microsoft.com</div><h5><a href="https://www.microsoft.com/">Microsoft – クラウド、コンピューター、アプリ &amp; ゲーム</a></h5><div></div></header><div>ご自宅やビジネスでご利用いただける Microsoft 製品とサービスをご覧ください。Surface、Microsoft 365、Xbox、Windows、Azure などをご購入いただけます。ダウンロードやサポートもご用意しています。</div><footer></footer></article></li><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://cybervillains.com/@alex/111784898390473171">Alex Stamos (@alex@cybervillains.com)</a></h5><div> from <span>Alex Stamos</span></div></header><div>Microsoft just announced that they were breached by the SVR, the same Russian intelligence agency that broke into Solarwinds.This is a big deal, and Microsoft owes all of us a much more detailed description of what happened.https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Saturday, 20-Jan-2024 08:21:50 JSTKevin Beaumont
in reply to
- Alex Stamos
I agree with @alex here, Microsoft needs to do a much more public disclosure.
Microsoft staff use Microsoft 365 email with Exchange Online. Eg I was gossi@microsoft.com.
I think MS needs to explain to M365 customers how mailboxes were accessed via password spraying.
https://cybervillains.com/@alex/111784898390473171
In conversationabout 10 months ago from cyberplace.socialpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: cdn-dynmedia-1.microsoft.com
  Microsoft – クラウド、コンピューター、アプリ & ゲーム
  ご自宅やビジネスでご利用いただける Microsoft 製品とサービスをご覧ください。Surface、Microsoft 365、Xbox、Windows、Azure などをご購入いただけます。ダウンロードやサポートもご用意しています。
2. No result found on File_thumbnail lookup.
  Alex Stamos (@alex@cybervillains.com)
  from Alex Stamos
  Microsoft just announced that they were breached by the SVR, the same Russian intelligence agency that broke into Solarwinds. This is a big deal, and Microsoft owes all of us a much more detailed description of what happened. https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/

Public

Embed Notice

HTML Code

Corresponding Notice