Forum Widgets
Latest Discussions
Text formatting issue with URL Hyperlinking in phishing campaign indicators.
I am running some phishing campaigns and while editing a payload i added a URL hyperlinking indicator. I type in the text for the indicator and include some empty lines. However, when it's previewed and in the actual email extra lines are removed. This makes it look all crammed together and not very readable. Any idea how i can include empty lines to break it up?URL Hyperlinking phishing training
Mi using the Defender phishing simulations to perform testing. When creating a positive reinforcement email that goes to the person you have the option to use default text or put in your own text. When I put in my own text I have lines in the text, but when it renders the lines are not displayed so it looks like a bunch of text crammed together. Any idea how to get these lines to display?
Copilot Studio Auditing
Hey team, While I'm doing research around copilot studio audting and logging, I did noticed few descripencies. This is an arcticle that descibes audting in Microsoft copilot. https://learn.microsoft.com/en-us/microsoft-copilot-studio/admin-logging-copilot-studio?utm_source=chatgpt.com I did few simualtions on copilot studio in my test tenant, I don't see few operations generated which are mentioned in the article. For Example: For updating authentication details, it generated "BotUpdateOperation-BotIconUpdate" event. Ideally it should have generated "BotUpdateOperation-BotAuthUpdate" I did expected different operations for Instructions, tools and knowledge update, I believe all these are currently covered under "BotComponentUpdate". Any security experts suggestion/thoughts on this?
Save the date - January 26, 2026 - AMA: Best practices for applying Zero Trust using Intune
Join us on January 26 at 10:00 AM PT, to Ask Microsoft Anything (AMA) and get the answers you need to implement the right policies, security settings, device configurations, and more. Never trust, always verify. Tune in for tips and insights to help you secure your endpoints using Microsoft Intune as part of your larger Zero Trust strategy. Find out how you can use Intune to protect both access and data on organization-owned devices and personal devices used for work. Go to aka.ms/AMA/IntuneZeroTrust and select "attend" to add this event to your calendar. Have questions? Submit them early by signing in to Tech Community and posting them on the event page!
Microsoft Authenticator help
keep getting Microsoft Authenticator attempts on my Hotmail account every 15 mins or so from an overseas location that im not aware of. I have changed my password, however im still getting attempts. I deny the request every time, and when i look at security section under my account > view my sign-in activity. it doesn't appear here .
Scaling Data Governance- Does a Purview in a Day Framework Exist?
Hello Purview Community, I’ve been exploring the available acceleration resources for Microsoft Purview, and one thing I noticed is a potential gap in the "In a Day" workshop series. While we have excellent programs like Power BI in a Day or Fabric in a Day, I haven't yet seen a formalized Purview in a Day framework designed to help organizations jumpstart their governance journey in a single, cohesive session. I am reaching out because my team is currently preparing something in this area that we believe will be very useful to the community and Microsoft in the future. Rather than working in isolation, we want to ensure we are aligned with the official roadmap. I wanted to reach out to the community and the Microsoft product team to ask: Is there an official "In a Day" initiative for Purview currently in the works? If not, who would be the best point of contact to discuss alignment? Looking forward to hearing your thoughts and seeing if we can build something impactful together! #MicrosoftPurview #Purview
Unusual Sign-In Activity E-mail but I cannot identify the account!
Hi, I'm experiencing something quite weird. This morning I got an alert to a personal e-mail address of mine (w********@gmail.com) that a Microsoft account of mine was accessed from an IP address in Brazil. I've attached that e-mail and it lists the account as "ja*****" with no domain name listed. I have two microsoft accounts that I know of that start with "ja". One is a hotmail account and one is registered with my university account. I figured this alert had to do with my university account because that could explain why it never listed a domain name. However, when I checked, neither account have any record of a sign in, successful or unsuccessful, from an IP address in Brazil today. Furthermore, the university account doesn't have the w*******@gmail.com listed as a primary or secondary e-mail account so even if that was the account that alert wouldn't have gone to that e-mail. I contacted Microsoft support hoping that they could try to locate the alert e-mail and confirm what account the alert was about from their end but they told me they don't have the tools for that and they have limited access to their own system. A supervisor told me that at this point my best bet is to either post on the community forums or to go to the police and ask them to track the IP address. I have a vague memory that years ago when I tried to log into my university Microsoft account, it would let me log in as a personal account and as a work account separately but now I can only use it as a work account. I'm wondering if that might be related like maybe someone was able to access my personal account of my university Microsoft account which could explain both the lack of a domain name in the e-mail and the fact that there's no history of it in my work account. This is really bugging me because someone may have accessed an account belonging to me but I'm completely unable to actually confirm that or even the account this is happening to. Thanks!
Cannot setup phone sign in with Microsoft Authenticator
Hi All, My new Redmi Turbo 4 was working with Microsoft authenticator, but in the past month, it started malfunctioning, so I decided to reset the authenticator app and sign back into it. Now I can't setup the app to do phone sign-in, and the sign in request notifications does not come to the new phone. (old phone is currently still operational). Is there like a shadow ban to chinese android phones?
