Security News

​Microsoft has mitigated an Azure outage that lasted more than two hours and took down multiple services for customers across North and Latin America. [...]

The legal spars between Delta Air Lines and CrowdStrike are heating up, with the cybersecurity firm claiming that Delta's extended IT outage was caused by poor disaster recovery plans and the...

Cybersecurity company CrowdStrike has been sued by investors who say it provided false claims about its Falcon platform after a bad security update led to a massive global IT outage causing the...

The Azure outage had global reach, impacting a subset of customers attempting to connect to Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, the Azure portal itself, and a subset of Microsoft 365 and Microsoft Purview services. Many different organisations made statements on Tuesday, notifying users that their services were disrupted as a result of the Azure DDoS attack.

Do you have problems configuring Microsoft's Defender? You might not be alone: Microsoft admitted that whatever it's using for its defensive implementation exacerbated yesterday's Azure instability. Microsoft has published its strategy to defend against network-based DDoS attacks, noting it was unique due to the global footprint of the company.

Microsoft confirmed that a nine-hour outage on Tuesday, which disrupted numerous Microsoft 365 and Azure services worldwide, was caused by a distributed denial-of-service (DDoS) attack. Affected services included Microsoft Entra, Intune, Power BI, Power Platform, Azure App Services, and others.The company explained that their DDoS protection mechanisms were triggered, but an error in the implementation of their defenses exacerbated the attack's impact. Once the issue was identified, Microsoft made networking configuration changes and rerouted to alternate paths to mitigate the problem.

A DDoS attack that started on Tuesday has made a number of Microsoft Azure and Microsoft 365 services temporarily inaccessible, the company has confirmed. Microsoft's mitigation statement on the Azure status history page.

What can I do? If you are a visitor of this website: Please try again in a few minutes. Contact your hosting provider letting them know your web server is not responding.

Estimated financial losses due to the recent massive IT outage triggered by the faulty CrowdStrike update are counted in billions, but the unfortunate incident is having several positive effects, as well. As CrowdStrike was forced to explain, in great detail, how they roll out updates for its Falcon Sensors, what testing they perform beforehand, and how they plan to improve the whole process to prevent similar accidents from happening in the future, other cybersecurity vendors - such as Fortinet, Secureworks, and Bitdefender - have spelled out their own software and content update release processes.

Cloud security threats CISOs need to know aboutIn this Help Net Security interview, Ava Chawla, Head of Cloud Security at AlgoSec, discusses the most significant cloud security threats CISOs must be aware of in 2024. Cybersecurity ROI: Top metrics and KPIsIn this Help Net Security interview, Karthik Swarnam, Chief Security and Trust Officer at ArmorCode, discusses key metrics and KPIs to measure cybersecurity ROI. Confidential AI: Enabling secure processing of sensitive dataIn this Help Net Security interview, Anand Pashupathy, VP & GM, Security Software & Services Division at Intel, explains how Intel's approach to confidential computing, particularly at the silicon level, enhances data protection for AI applications and how collaborations with technology leaders like Google Cloud, Microsoft, and Nvidia contribute to the security of AI solutions.