Subj : Microsoft Azure and Outlook outages were caused by DDoS attacks
To   : All
From : TechnologyDaily
Date : Mon Jun 19 2023 11:15:03

Microsoft Azure and Outlook outages were caused by DDoS attacks

Date:
Mon, 19 Jun 2023 10:00:36 +0000

Description:
HTTP(S) flood attacks in the millions, cache bypass, and slowloris were all 
responsible for taking down Microsofts services.

FULL STORY
======================================================================

Microsoft has confirmed that outages to its Azure and Outlook services were 
caused by DDoS attacks, which the company puts down to the threat actor that 
it tracks as Storm-1359. 

This follows the tech giant's new nomenclature for threats, whereby Storm 
denotes a group that is in development. 

Otherwise known as Anonymous Sudan, it is said to be a politically motivated 
Sudanese gang of self-proclaimed hacktivists, who have already had run-ins 
with France, Denmark, and Sweden so far this year. Sudanese threat actor 
behind Microsoft DDoS attacks 

Microsoft says that Storm-1359 launched several types of layer 7 DDoS 
attacks, including an HTTP(S) flood attack which sees a high load of SSL/TLS 
handshakes and HTTP(S) requests cause the backend's CPU and memory to become 
depleted. In this instance, it is believed that millions of requests were 
made simultaneously. Read more 

 > The best email providers 


 > Microsoft OneDrive went down after a spate of DDoS attacks 


 > Microsoft Azure outage caused by "huge spike", that could have been a DDoS 
attack 

The group also used cache bypass tactics which force the frontend layer to 
direct requests to the origin rather than retrieving cached contents, and 
slowloris, which forces a web server to keep the connection open by failing 
to acknowledge a download. 

These attacks likely rely on access to multiple virtual private servers (VPS) 
in conjunction with rented cloud infrastructure, open proxies, and DDoS 
tools, said Microsoft in the announcement . 

Ultimately, while services were disrupted over the course of a series of days 
in early June, Microsoft says that it has seen no evidence that customer data 
has been accessed or compromised. 

The company has also provided a handful of steps that customers can take to 
reduce their impact to layer 7 DDoS attacks in the future, which are outlined 
on its website . Check out the best endpoint protection software



======================================================================
Link to news story:
https://www.techradar.com/news/microsoft-azure-and-outlook-outages-were-caused
-by-ddos-attacks


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.