@cR0w Sorry no. We found this issue internally in early November. We couldn't resolve it internally so escalated to MS. After a lot of back-and-forth they emailed to say that they had confirmed the issue we were experiencing was a "known bug". It looks like they are going to roll the fix into the next update for Purview, they gave us a date of 6th Jan 25 but advised that it can take up to 2 weeks for changes to propagate world-wide.
Stumpy
- 27 Followers
- 82 Following
- 19 Posts
@dangillmor If it results in just a US recession, you will have got off lightly. The closest analog is the Smoot-Hawley tariffs that exacerbated the great depression and was a contributing factor to WWII. Trump is gambling with WWIII.
@hacks4pancakes Not sure this is true at all. I have seen many people mourning the death of terrorists, communist/socialist dictators who oversaw the deaths of millions, fascists who did likewise. There are many out there who would welcome the return of a Marx or Lenin or Hitler demi-god.
Hi @FritzAdalis,not sure how to answer this. We have the emails from MS, but obviously can't share them. Here is what I would do, if I were in your position:
Apply a Legal Hold to a test account in my org. Then check if I could delete emails in that account. I would then check what the email retention period was for my organisation, and review if it was still appropriate within the context of the current situation. If there were any issues at all with Legal Hold or Subject Access Requests or any other use-case that I have for Purview, I would test, Test, TEST then escalate it internally to the appropriate stakeholders.
Just a heads-up for any of you involved in Cyber Incident Response or internal investigations. There is a bug in Microsoft Purview that prevents Legal Hold being applied to emails. Therefore, a user who has Legal Hold applied to their account can still delete emails. Microsoft are working on a fix, but it won't be released until 6th January 2025.
Azure Sentinel is experiencing an issue across multiple instances - no indications of Azure being unavailable yet
Any chance of the US having just a normal weekend, any time soon, please?
Anyone else seeing a big issue with University degree programs for infosec/Cyber Security etc in the UK? None of the graduates that I interview for roles know the format of an IPV4 address or even the high level actions that ransomware gangs take during an attack. Ask them to talk about hacker techniques and they ALL cite "sticky keys" and that's as much as they know. They have never heard of Mimikatz or Cobalt Strike. The majority of people that I interview already have several years SOC experience. They are clearly smart people, but they are clearly not being taught the things they need to know.
@EU_Commission My prediction is that this won't foster competition one iota, but will make for shite(r) user experience for those using those services.
@GossiTheDog I'm working on a big UK ransomware case today; not on that list.