Kevin Beaumont on Nostr: On how the USG, European govs and Microsoft have been threat hunting this, per ...
On how the USG, European govs and Microsoft have been threat hunting this, per Microsoft documentation on the logs... "If a mailbox is throttled, you can probably assume there was MailItemsAccessed activity that wasn't recorded in the audit logs."
Published at
2023-07-14 12:50:45Event JSON
{
"id": "e84d3df531936551822f69aba40186aaf90115a0b56531d500e41f4c3ff05e58",
"pubkey": "f6870afcde4480ec8508f50304859e14a51309ff24ab3f0f862c52bdc4af8747",
"created_at": 1689339045,
"kind": 1,
"tags": [
[
"e",
"25717b78dd1048fb33fdbae5c78c3916bbf0bdfad1a78d05b2e12f5c75bb9641",
"wss://relay.mostr.pub",
"reply"
],
[
"mostr",
"https://cyberplace.social/users/GossiTheDog/statuses/110712523669686421"
]
],
"content": "On how the USG, European govs and Microsoft have been threat hunting this, per Microsoft documentation on the logs... \"If a mailbox is throttled, you can probably assume there was MailItemsAccessed activity that wasn't recorded in the audit logs.\"\n\nhttps://cyberplace.social/system/media_attachments/files/110/712/521/726/972/388/original/54aa840aa79b5b49.png",
"sig": "f3db894936321862f9f36e421931c1492aa0908e0e56986b0f6fdd366177f562180e9e085e2b84d376ab31f2a8814c355c77367bcba8a495b658fe614598448b"
}
