Wednesday , June 25 2025
Microsoft azure

Microsoft Confirms Outage Was Triggered By Cyberattack

Microsoft Azure suffered an outage on July 30 due to a cyberattack known as a distributed denial of service (DDoS) attack.

Users complained about not being able to access various Microsoft services yesterday, including Microsoft 365 products like Office, Outlook, and Azure.

The incident—which lasted nearly 10 hours—took place less than two weeks after a CrowdStrike update caused Microsoft Windows machines to crash. Companies affected by the new outage include U.K. bank NatWest, according to the BBC.

WhatsApp banned on all US House of Representatives devices

The U.S. House of Representatives has banned congressional staff from using WhatsApp on government devices due to security concerns, as...
Read More
WhatsApp banned on all US House of Representatives devices

Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store

Kaspersky found a new mobile malware dubbed SparkKitty in Google Play and Apple App Store apps, targeting Android and iOS....
Read More
Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store

OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems

OWASP has released its AI Testing Guide, a framework to help organizations find and fix vulnerabilities specific to AI systems....
Read More
OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems

Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform

In a major milestone for the country’s digital infrastructure, Axentec PLC has officially launched Axentec Cloud, Bangladesh’s first Tier-4 cloud...
Read More
Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform

Hackers Bypass Gmail MFA With App-Specific Password Reuse

A hacking group reportedly linked to Russian government has been discovered using a new phishing method that bypasses two-factor authentication...
Read More
Hackers Bypass Gmail MFA With App-Specific Password Reuse

Russia detects first SuperCard malware attacks via NFC

Russian cybersecurity experts discovered the first local data theft attacks using a modified version of legitimate near field communication (NFC)...
Read More
Russia detects first SuperCard malware attacks via NFC

Income Property Investments exposes 170,000+ Individuals record

Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal...
Read More
Income Property Investments exposes 170,000+ Individuals record

ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs

GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel's IKE affecting UDP port 500. The attack centers around CVE-2023-28771,...
Read More
ALERT (CVE: 2023-28771)  Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs

CISA Flags Active Exploits in Apple iOS and TP-Link Routers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included two high-risk vulnerabilities in its Known Exploited Vulnerabilities (KEV)...
Read More
CISA Flags Active Exploits in Apple iOS and TP-Link Routers

10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online

SafetyDetectives’ Cybersecurity Team discovered a public post on a clear web forum in which a threat actor claimed to have...
Read More
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online

What Happened At Microsoft?

The incident started at approximately at 11:45am UTC and was resolved at 19:43pm, according to Microsoft’s Azure status history page. According to Microsoft, a “subset of customers may have experienced issues connecting to a subset of Microsoft services globally.”

Impacted services included Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, as well as the Azure portal itself and “a subset of Microsoft 365 and Microsoft Purview services.”

Microsoft says the “initial trigger event” was a DDoS attack, which sees adversaries flood services with traffic in order to bring them to a standstill.

Microsoft describes an “unexpected usage spike” which resulted in Azure Front Door and Azure Content Delivery Network components “performing below acceptable thresholds, leading to intermittent errors, timeout and latency spikes.”

Most firms have protection in place to prevent DDoS from having an impact. The initial DDoS attack had activated the firm’s DDoS protection mechanisms, but an error in the implementation of defenses “amplified the impact of the attack rather than mitigating it,” Microsoft admits.

It appears that the outage was caused by DDoS attack—despite the fact Microsoft had protections in place, says Sean Wright, head of application security at Featurespace. “Similarly to the CrowdStrike issue a few weeks ago, it appears that an error occurred in the software that was used to protect against DDoS attacks,” Wright says.

This is highlights the importance of testing software thoroughly, he says.

What’s Next?
The CrowdStrike incident had already—and unfairly—created bad optics for Microsoft, so the timing of this new outage is unlucky. Microsoft knows this and has communicated clearly throughout the outage, saying it will publish a Preliminary Post Incident Review within approximately 72 hours, to share more details on what happened and how it responded.

Source: Forbes

Check Also

New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

In March 2025, the Threatfabric mobile Threat Intelligence team identified Crocodilus, a new Android banking …

Leave a Reply

Your email address will not be published. Required fields are marked *