Microsoft.
Microsoft was unable to store security log information for multiple cloud products used in its cloud technology due to a software error. For more than two weeks last month, users’ security log information could not be stored because of the problem, the company said. According to Microsoft, the flaw may cause problems in identifying security risks even if no user data is deleted.
It is known that from September 2 to 19, Microsoft’s cloud-based identity management technology Entra, Sentinel, Defender for Cloud and Parview had errors in their security logs. In a message sent to cloud users in this regard, Microsoft said that the security log information upload method did not work due to an error in the internal monitoring agent. This resulted in cloud product security log information not being stored for more than two weeks.
Security logs of user sign-ins are essential for using various Microsoft services. If the information is not stored in the security log, it is difficult for Network Defender to find any suspicious sign-in information at that time. However, a Microsoft official assured the cloud users that there was no security risk even though there was a problem in storing information in the security log due to operational errors.
Beware of scammers sending e-mails in the name of Microsoft
In addition to stealing important information of Windows users, a group of hackers are doing various types of fraud by sending fake e-mails under the identity of Microsoft employees or Microsoft-affiliated organizations. In the meantime, the cyber security organization Check Point Research has claimed that about 5,000 fake e-mails have been sent under Microsoft’s fake identity.
According to Check Point Research, fake e-mails often contain Microsoft’s privacy policy. Even links to various Microsoft websites are provided. As a result, many believe the e-mail was sent by Microsoft. But the fake e-mail asks you to click on one or more bogus login pages or links to websites in order to solve various problems. By clicking on the links, malware enters the device, collects important information including passwords and sends them to hackers. Later, besides using this information for various purposes, hackers hack e-mail accounts and demand money.
Who are ghost hackers, how to stay safe from their attacks
It is known that e-mails sent in the name of Microsoft are written in such a way that at first glance they seem to be genuine This is because the domain names of the addresses from which the fake e-mails are sent are almost identical to Microsoft’s domain name. That is, these domain names have been created by changing some words of Microsoft’s domain name. As a result, anyone can fall prey to such fraud if not careful.