Security News > 2024 > August > Microsoft Confirms Global Azure Outage Caused by DDoS Attack

The Azure outage had global reach, impacting a subset of customers attempting to connect to Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, the Azure portal itself, and a subset of Microsoft 365 and Microsoft Purview services.
Many different organisations made statements on Tuesday, notifying users that their services were disrupted as a result of the Azure DDoS attack.
"Stephen Robinson, senior threat intelligence analyst at security firm WithSecure, told TechRepublic in an emailed statement:"Modern online services are built on stacked layers of dependencies, and in a significant proportion of service stacks you will find Microsoft services.
A denial of service attack is an attack strategy where a malicious actor attempts to prevent others from accessing a web server, web application or cloud service by flooding it with service requests.
While a DoS attack is essentially of a single origin, a distributed denial of service attack uses a large number of machines on different networks to disrupt a particular service provider; this is more challenging to mitigate as the attack is being waged from multiple sources.
On July 19, tens of thousands of users in the U.S. could not access Microsoft 365 services after an Azure configuration change.
News URL
https://www.techrepublic.com/article/microsoft-azure-outage-ddos-attack/
Related news
- DDoS attacks reportedly behind DayZ and Arma network outages (source)
- Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score (source)
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks (source)
- Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks (source)
- Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)