Security News > 2023 > June > Microsoft confirms DDoS attacks against M365, Azure Portal
The Microsoft 365 and Azure Portal outages users expirienced this month were caused by Layer 7 DDoS attacks, Microsoft has confirmed on Friday.
Throughout the first half June 2023 Microsoft confirmed, at various times, ongoing issues with its cloud-based services - Microsoft 365 and Azure Portal - but did not say at the time that they were caused by an increase in traffic.
Microsoft said that the attacks were caused by DDoS activity.
A group dubbed Storm-1359 by Microsoft was behind the attacks.
"These attacks likely rely on access to multiple virtual private servers in conjunction with rented cloud infrastructure, open proxies, and DDoS tools," Microsoft informed.
"Storm-1359 has access to a collection of botnets and tools that could enable the threat actor to launch DDoS attacks from multiple cloud services and open proxy infrastructures," the company revealed, and noted that Storm-1359 "Appears to be focused on disruption and publicity."
News URL
https://www.helpnetsecurity.com/2023/06/19/microsoft-365-azure-ddos/
Related news
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- CUPS vulnerabilities could be abused for DDoS attacks (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Recently patched CUPS flaw can be used to amplify DDoS attacks (source)
- Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors (source)
- Largest Recorded DDoS Attack is 3.8 Tbps (source)
- New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries (source)
- Microsoft issues 117 patches – some for flaws already under attack (source)