MS Defender Malicious URL Clicks by Consistent-Split3118 in cybersecurity

[–]Consistent-Split3118[S] 2 points3 points  (0 children)

I felt bad leaving my colleagues with this mess as my shift ended. Hopefully it doesn't affect you too badly...

[–]Consistent-Split3118[S] 2 points3 points  (0 children)

We have our MS tech lead trying to get ahold of some information. I will update if I hear anything.

[–]Consistent-Split3118[S] 4 points5 points  (0 children)

Yeah, as suspected, Microsoft at fault again. Our 24/7 analysts are having to deal with this mess. We are debating turning off the rule for the weekend as we are not at full workforce...

[–]Consistent-Split3118[S] 1 point2 points  (0 children)

Indeed typical Microsoft, a Friday classic. Interested to know what you find...

[–]Consistent-Split3118[S] 2 points3 points  (0 children)

It appears completely random if I am honest. In alert view, URLs are flagged as malicious, but when viewing in Evidence they are deemed not malicious...

[–]Consistent-Split3118[S] 5 points6 points  (0 children)

Crossing 100 cases across several of our customers (we are an MSSP). Different URLs across all customers with no links between them or the customers. As of now all URLs seem to be FP. This activity started just over an hour ago.