Security News > 2023 > June > Microsoft confirms DDoS attacks against M365, Azure Portal
The Microsoft 365 and Azure Portal outages users expirienced this month were caused by Layer 7 DDoS attacks, Microsoft has confirmed on Friday.
Throughout the first half June 2023 Microsoft confirmed, at various times, ongoing issues with its cloud-based services - Microsoft 365 and Azure Portal - but did not say at the time that they were caused by an increase in traffic.
Microsoft said that the attacks were caused by DDoS activity.
A group dubbed Storm-1359 by Microsoft was behind the attacks.
"These attacks likely rely on access to multiple virtual private servers in conjunction with rented cloud infrastructure, open proxies, and DDoS tools," Microsoft informed.
"Storm-1359 has access to a collection of botnets and tools that could enable the threat actor to launch DDoS attacks from multiple cloud services and open proxy infrastructures," the company revealed, and noted that Storm-1359 "Appears to be focused on disruption and publicity."
News URL
https://www.helpnetsecurity.com/2023/06/19/microsoft-365-azure-ddos/
Related news
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- New Eleven11bot botnet infects 86,000 devices for DDoS attacks (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- DDoS Attacks Now Key Weapons in Geopolitical Conflicts, NETSCOUT Warns (source)
- Microsoft Defender will isolate undiscovered endpoints to block attacks (source)
- Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach (source)