Just another day in paradise: I was in the middle of a meeting and there were tons of messages about false positives in my email, phone, SMS, Teams, smoke signals, you name it. In the beginning, the issue was detected because attachments were not being received in the organization, and after a couple of minutes in Office 365 service health we found the culprit to be ATP (Advanced Threat Protection). Basically, we went to Office 365 Security & Compliance, Threat Management, and Dashboard. Looking at the numbers, we noticed a spike in the malware trends, as depicted in the image below.
My line of thought was to check the Real-time detections to see whether my organization was being targeted by an attack or something of the sort. However, I noticed that virtually all Office files were being blocked and they were not related (different senders), so my second thought was to open a ticket.
However, before spending the time opening a ticket, I checked the Office 365 service health and noticed an informational icon on Exchange Online, with one advisory listed, as depicted in the image below.
In the advisory blade, I was able to see the summary of the case and understand the details. By doing that, I saved the time of opening a ticket and was able to set the proper expectation within my organization by communicating the issue. Now it is just a matter of following up on the advisory to make sure that the issue is fixed.
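
The triage reasoning described above (nearly all Office attachments blocked, coming from unrelated senders) can be written as a quick check over exported detection rows. This is an added example, not part of the original post; the field names, sample rows and thresholds are constructed assumptions, not a real export schema.

```python
import os
from collections import Counter

OFFICE_EXT = {".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx"}

# Constructed sample rows (not real data); the field names are assumptions.
SAMPLE = [
    {"sender": "ana@vendor-a.example", "attachment": "quote.docx", "verdict": "malware"},
    {"sender": "bob@partner-b.example", "attachment": "q3.xlsx", "verdict": "malware"},
    {"sender": "cy@client-c.example", "attachment": "deck.pptx", "verdict": "malware"},
    {"sender": "di@agency-d.example", "attachment": "notes.doc", "verdict": "malware"},
    {"sender": "ed@supplier-e.example", "attachment": "costs.xls", "verdict": "malware"},
    {"sender": "flo@school-f.example", "attachment": "form.docx", "verdict": "malware"},
    {"sender": "gus@vendor-a.example", "attachment": "scan.pdf", "verdict": "clean"},
]

def triage(rows, min_events=5, office_share=0.8, max_sender_share=0.3):
    """Classify a spike of blocked attachments; thresholds are illustrative."""
    blocked = [r for r in rows if r["verdict"] == "malware"]
    if len(blocked) < min_events:
        return {"pattern": "insufficient-data", "blocked": len(blocked)}
    # Share of blocked mail coming from the single busiest sender domain.
    domains = Counter(r["sender"].rsplit("@", 1)[-1].lower() for r in blocked)
    top_share = domains.most_common(1)[0][1] / len(blocked)
    # Share of blocked attachments that are Office documents.
    office = sum(
        os.path.splitext(r["attachment"])[1].lower() in OFFICE_EXT for r in blocked
    ) / len(blocked)
    if top_share > max_sender_share:
        pattern = "sender-concentrated"  # few sources: investigate as a campaign
    elif office >= office_share:
        pattern = "broad-unrelated"      # unrelated sources, one file class:
                                         # check service health advisories first
    else:
        pattern = "mixed"
    return {"pattern": pattern, "blocked": len(blocked),
            "office_share": round(office, 2),
            "top_sender_share": round(top_share, 2)}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The result only indicates where to look next (service health advisories versus a campaign investigation); it is not a verdict on whether the detections are false positives.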