Microsoft Lose Logs, Imposter Employees, FREE Certification Roadmap + More

Author

InfoSec Sam
October 20, 2024

This Week’s News

Lost Logs

As security professionals we know that retaining logs is super important. So its not ideal that Microsoft lost several weeks of security logs for its cloud products!

Microsoft said that “a bug in one of Microsoft’s internal monitoring agents resulted in a malfunction in some of the agents when uploading log data to our internal logging platform” between September 2 and September 19. 

The incident raises concerns about the reliability of Microsoft's cloud security and the incident could hinder investigations into potential breaches. LINK

SEC X PWND

The U.S. Securities and Exchange Commission (SEC) arrested an individual for their role in a Bitcoin fraud scheme. The individual allegedly attempted to manipulate the price of Bitcoin by compromising the SEC's X account earlier this year.

If you’ve been involved in cryptocurrencies at all you’ll know that activity on social media can have a significant impact on the crypto market. The attacker conducted a SIM swapping attack to gain access to a phone with control over the X account. LINK

Imposter Employees

North Korean hackers posing as IT workers have extorted employers by stealing sensitive company data. These fake workers infiltrate companies through remote jobs, exploiting their access to confidential information. Once inside, they demand ransom payments to avoid leaking the stolen data, leveraging their insider position for financial gain.

This raises two questions for me. Did these IT workers go through any background screening, and secondly, I wonder how long until this is used as a reason to get workers back into the office… LINK

Other News

  • Fidelity Fumble - A data breach at Fidelity Investments has exposed the personal information of 77,000 customers including sensitive data such as Social Security numbers, account information, and other personal details. LINK

  • Charged Hackers - Several members of the hacktivist group Anonymous Sudan have been charged by the U.S. for running a DDoS-for-hire service. LINK

Career Development

FREE Security Certification Roadmap

This is the one and only security certification roadmap you’ll ever need!

No matter what area of cybersecurity you are pursuing or your experience level this will detail all the various certifications you could consider.

Check it out using the link below:

Subscribe to keep reading

This content is free, but you must be subscribed to InfoSecSam's Newsletter to continue reading.

I consent to receive newsletters via email. Terms of use and Privacy policy.

Already a subscriber?Sign in.Not now