Most Viewed Content:

OpenAI Launched Assistants API, Allowing Developers to Customize AI Assistants with One Click

At today's OpenAI's first developer conference, OpenAI launched the...

Toyota responds to continued production cuts in the next 3 months: easing pressure on dealer earnings

In response to the news that "production will continue...

India’s censorship body gave power to remove pirated Movies from platforms

India’s Ministry of Information and Broadcasting announced that its...

Microsoft service outage in early June was due to a DDoS network attack

In the first week of June, Microsoft suffered a major communications outage that affected nearly all of its services, including Azure, Outlook and Teams. The company has now revealed that a cyber attack was behind the global outage.

Microsoft DDoS network attack

In a blog post, Microsoft revealed details of the early June attack that caused an outage of its services and took the company nearly 15 hours to mitigate. The company noticed a spike in traffic targeting some of its services and launched an investigation into the DDoS (distributed denial of service) attack.

Microsoft further noted that the threat actors used multiple virtual private servers (VPS), proxies, rented cloud infrastructure, and DDoS tools to execute the attack. While the attack was sophisticated, Microsoft confirmed that no customer data was accessed or compromised.

This latest DDoS campaign targeted layer 7 of the OSI, rather than layer 3 or 4, which was previously common. Microsoft has strengthened Layer 7 protection measures, including adjusting the Azure Web Application Firewall (WAF) to better protect customers from DDoS-like attacks.

Microsoft also shared technical details about the attack. According to the company, threat actor Storm-1359 used a series of botnets and tools to launch an attack on the company’s servers. These tools include HTTP(S) flooding attacks that overload systems and exhaust resources through high-load SSL/TLS handshakes and HTTP(S) requests. In Microsoft’s case, the attackers sent millions of HTTP(S) requests from IP addresses around the globe, overloading the system.

Not only that, but the attackers also used caching to bypass the CDN layer and overload the original system with a series of queries. Finally, the attackers also used Slowloris, where the client requests resources from the server but fails to acknowledge receipt, forcing the server to keep the connection open and hold the resources in its memory.

Microsoft assesses that Storm-1359 has access to a range of botnets and tools that enable threat actors to launch DDoS attacks from multiple cloud services and open proxy infrastructures. Storm-1359 appears to be focused on disruption and propaganda.

Microsoft concluded the post with a series of tips and recommendations for Azure customers to protect them from Layer 7 DDoS attacks in the future. However, the company did not disclose details related to the damage or any financial impact as a result of the attack.

Latest

Chery Li Xueyong: Fulwin uses hybrid power to roll up

"We will strive to be second in the hybrid...

Chery Discovery 06 C-DM to be officially launched on April 25th

Recently, we learned from Chery officials that the Discovery...

BYD Qin L interior official image released: Positioned as a mid-level sedan

BYD today released official pictures of the interior of...

Google sets up a new department to bring disruptive AI experiences to users

Google recently restructured its software and hardware teams and...

Newsletter

Don't miss

Chery Li Xueyong: Fulwin uses hybrid power to roll up

"We will strive to be second in the hybrid...

Chery Discovery 06 C-DM to be officially launched on April 25th

Recently, we learned from Chery officials that the Discovery...

BYD Qin L interior official image released: Positioned as a mid-level sedan

BYD today released official pictures of the interior of...

Google sets up a new department to bring disruptive AI experiences to users

Google recently restructured its software and hardware teams and...

MediaTek launches Dimensity 6300 SoC, expected to power Realme C65 5G

MediaTek recently quietly launched the Dimensity 6300 processor on...
Stephen Cruise
Stephen Cruisehttps://www.techgoing.com
Stephen Cruise is a senior editor covering latest smartphones, EVs, PC gaming, console, and tech with 11 years of experience.

Range Rover EV model to be released this year, using an 800V high-voltage platform

The pure electric version of the Range Rover will be officially released in 2024. The new car is built based on the MLA-Flex architecture...

Elon Musk to Meet Indian Prime Minister Narendra Modi for Factory Talks on April 22

According to foreign media reports, Tesla CEO Elon Musk plans to visit India from April 22 to 28 to meet with Indian Prime Minister...

Spy Photos of the Next-Gen BMW X3 Exposed, H1 Release Expected

Recently, BMW officially released test spy photos of the new generation X3 (G45). It is reported that the new car may make its debut...