Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/112742087825152859">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Sunday, 07-Jul-2024 08:16:39 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250225114715.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/112739196365656702" rel="in-reply-to">in reply to</a></div></section><article><p>I’ve blown this up on LinkedIn now as it’s clear from talking to lots of impacted orgs they’ve found out about their breach from me. </p><p>The emails in the MS notification flow don’t even pass SPF, DKIM. It’s great that MS are being transparent — but they need to get down how to notify orgs. </p><p><a href="https://www.linkedin.com/posts/kevin-beaumont-security_check-your-email-logs-including-exchange-activity-7215355395878305793-K8n_?utm_source=share&amp;utm_medium=member_ios" rel="nofollow noreferrer">https://www.linkedin.com/posts/kevin-beaumont-security_check-your-email-logs-including-exchange-activity-7215355395878305793-K8n_?utm_source=share&amp;utm_medium=member_ios</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3335596#notice-6577667">In conversation</a><time datetime="2024-07-07T08:16:39+09:00" title="Sunday, 07-Jul-2024 08:16:39 JST">about 10 months ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/112742087825152859" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/112742087825152859">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: media.licdn.com</div><h5><a href="https://www.linkedin.com/posts/kevin-beaumont-security_check-your-email-logs-including-exchange-activity-7215355395878305793-K8n_?utm_source=share&amp;utm_medium=member_ios">Kevin Beaumont on LinkedIn: Check your email logs (including Exchange Online) for an email from… | 55 comments</a></h5><div></div></header><div>Check your email logs (including Exchange Online) for an email from mbsupport@microsoft.com. Microsoft had a breach by Russia impacting customer data and… | 55 comments on LinkedIn</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Sunday, 07-Jul-2024 08:16:39 JST Kevin Beaumont
in reply to
I’ve blown this up on LinkedIn now as it’s clear from talking to lots of impacted orgs they’ve found out about their breach from me.
The emails in the MS notification flow don’t even pass SPF, DKIM. It’s great that MS are being transparent — but they need to get down how to notify orgs.
https://www.linkedin.com/posts/kevin-beaumont-security_check-your-email-logs-including-exchange-activity-7215355395878305793-K8n_?utm_source=share&utm_medium=member_ios
In conversationabout 10 months ago from cyberplace.socialpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: media.licdn.com
  Kevin Beaumont on LinkedIn: Check your email logs (including Exchange Online) for an email from… | 55 comments
  Check your email logs (including Exchange Online) for an email from mbsupport@microsoft.com. Microsoft had a breach by Russia impacting customer data and… | 55 comments on LinkedIn

Public

Embed Notice

HTML Code

Corresponding Notice