Security News
Microsoft has confirmed that recent outages to Azure, Outlook, and OneDrive web portals resulted from Layer 7 DDoS attacks against the company's services. The outages occurred at the beginning of June, with Outlook.com's web portal targeted on June 7th, OneDrive on June 8th, and the Microsoft Azure Portal on June 9th. Microsoft did not share at the time that they were suffering DDoS attacks but hinted that they were the cause, stating for some incidents that they were "Applying load balancing processes in order to mitigate the issue."
Outlook.com is suffering a series of outages today after being down multiple times yesterday, with hacktivists known as Anonymous Sudan claiming to perform DDoS attacks on the service. This outage follows two major outages yesterday, creating widespread disruptions for global Outlook users, preventing users worldwide from reliably accessing or sending email and using the mobile Outlook app.
We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.
The malware enables the operators to take control of the victim's Gmail, Outlook, Hotmail, or Yahoo email accounts, steal email data and 2FA codes arriving in the inbox, and send phishing emails from the compromised accounts. The victim clicks on the hyperlink on the page and downloads a RAR archive that contains a batch file with a CMD extension, which downloads a PowerShell script that fetches trojan DLLs and a set of legitimate executables from the C2 server.
If a miscreant carefully crafted a mail with that sound path set to a remote SMB server, when Outlook fetched and processed the message, and automatically followed the path to the file server, it would hand over the user's Net-NTLMv2 hash in an attempt to log in. The patch from a couple of months ago made Outlook use the Windows function MapUrlToZone to inspect where a notification sound path was really pointing, and if it was out to the internet, it would be ignored and the default sound would play.
Microsoft fixed a security vulnerability this week that could be used by remote attackers to bypass recent patches for a critical Outlook zero-day security flaw abused in the wild. "All Windows versions are affected by the vulnerability. As a result, all Outlook client versions on Windows are exploitable," Barnea explained.
Among the vulnerabilities fixed by Microsoft on May 2023 Patch Tuesday is CVE-2023-29324, a bug in the Windows MSHTML platform that Microsoft rates as "Important." Akamai's research team and Ben Barnea, the researcher who's credited with finding the flaw, disagree with that assessment, because "The new vulnerability re-enables the exploitation of a critical vulnerability that was seen in the wild and used by APT operators."
Microsoft has addressed a known issue affecting Outlook for Microsoft 365 customers that prevented them from accessing group mailboxes and calendars using the Outlook desktop client. "A recent standard service update inadvertently contains an authentication code regression which is resulting in some users being unable to access or perform various Microsoft 365 group actions in the Outlook desktop client," the company described the issue under EX540503 in the Microsoft 365 admin center.
Microsoft is investigating an ongoing issue preventing some customers from using the search functionality across multiple Microsoft 365 services. The list of affected services includes but is not limited to Outlook on the Web, SharePoint Online, Microsoft Teams, and Outlook desktop clients.
The mid- to long-term outlook for the market has also been increased slightly - the five-year compound annual growth rate is now projected to be 5.2%, compared to the previous forecast of 4.9%. IDC has raised the growth projection despite a weak economic outlook largely because of stronger than expected vendor performances across the 2022 finish line, growth indicators from adjacent markets, increased government funding, and, to some extent, inflation impacts. The US market's actual growth in 2022 was adjusted up by almost 1.17 percentage points compared to the previous forecast and is now at 6.2%. The US software market's forecasted growth and hardware installed base also remain strong.