'Anomalous surge in DNS queries' knocked Microsoft's cloud off the web last week
It was a tsunami of DNS queries that ultimately took out a host of Microsoft services, from Xbox Live to Teams, for some netizens for about an hour on April Fools' Day, Redmond has said.
The web giant's Threat Analysis Group said it had detected in March a bogus security company, SecuriElite, reaching out to legit professionals via social media, such as LinkedIn and Twitter.
Admins with a Windows-heavy focus might want to check out the latest Redmond missive on planned security changes for Microsoft 365 apps in the forthcoming version 2103.
Gigabytes of stolen data have been uploaded to the dark web to encourage the colleges to pay a ransom to prevent all of the data from being dumped online.
The FBI and America's Cybersecurity and Infrastructure Security Agency rounded off last week with a warning [PDF] on Friday that installations of Fortinet's FortiOS SSL VPN portal were being actively probed for unpatched security flaws by top-tier miscreants, known in industry jargon as an advanced persistent threat.
"The APT actors may be using any or all of these CVEs to gain access to networks across multiple critical infrastructure sectors to gain access to key networks as pre-positioning for follow-on data exfiltration or data encryption attacks."
News URL
https://go.theregister.com/feed/www.theregister.com/2021/04/06/in_brief_security/
Related news
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks
- Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud
- Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts
- Multi-cloud Strategies Making DDI and DNS Cumbersome to Manage
- Microsoft lost some customers’ cloud security logs