Date: 2023-06-26

Anonymous Sudan is the cybercriminal group reportedly behind the attacks that blocked various Microsoft services at the beginning of the month. On its security blog, the company confirmed that the interruptions which, since June 5, had hit platforms such as the Outlook e-mail service and the OneDrive cloud app were availability problems in the various apps caused by hacker activity. On a technical level, there was no breach of Microsoft's systems. "We have found no evidence that customer data has been hacked or compromised," the company noted.

According to the company, the activity relies on access to multiple virtual private servers (VPS) along with rented cloud infrastructure, open proxies and DDoS tools. Microsoft has therefore strengthened its layer 7 protections, including tuning Azure Web Application Firewall (WAF), to better protect customers.

Layer 7 DDoS attacks

The activity in question, named Storm-1359, appears to focus on disruption and publicity, launching several types of layer 7 DDoS attack.

HTTP(S) flood attack: this aims to exhaust system resources with a high load of SSL/TLS handshakes and HTTP(S) request processing. In this case, the attacker sends a high load (in the order of millions) of HTTP(S) requests, well distributed all over the world from different source IPs. This causes the application back end to run out of computing resources (CPU and memory).

Cache bypass: this tries to bypass the CDN layer and can cause origin servers to be overloaded. In this case, the attacker sends a series of queries against generated URLs, which forces the front-end layer to forward all requests to the origin rather than serve them from cached content.

Slowloris: this occurs when the client opens a connection to a web server, requests a resource, and then doesn't acknowledge the download. This forces the web server to keep the connection open and the requested resource in memory.
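As an added illustration of the cache bypass pattern described above (not code from Microsoft or from the original article), the following sketch flags paths in a CDN access log where almost every request carries a different query string and misses the cache. The log format, sample lines and thresholds are constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample in a made-up "<client_ip> <cache_status> <url>" format;
# real CDN/WAF logs use their own field names.
SAMPLE_LOG = """\
198.51.100.7 HIT /index.html
198.51.100.8 HIT /index.html
203.0.113.10 MISS /search?q=a91f
203.0.113.11 MISS /search?q=77c2
203.0.113.12 MISS /search?q=0be4
203.0.113.13 MISS /search?q=d310
203.0.113.14 MISS /search?q=5aa8
203.0.113.15 MISS /search?q=c3e9
198.51.100.9 MISS /about.html
198.51.100.7 HIT /about.html
"""

def cache_bypass_suspects(log_text, min_requests=5, min_unique=0.8, min_miss=0.8):
    """Return {path: stats} for paths whose traffic looks like cache bypass.

    Grouping is per path, not per client IP, because the requests are
    spread over many source addresses and each client stays under any
    per-IP rate limit.
    """
    total, misses, queries = defaultdict(int), defaultdict(int), defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split(maxsplit=2)
        if len(parts) != 3:
            continue  # skip malformed lines
        _ip, status, url = parts
        split = urlsplit(url)
        total[split.path] += 1
        misses[split.path] += status == "MISS"
        if split.query:
            queries[split.path].add(split.query)
    suspects = {}
    for path, n in total.items():
        unique_ratio = len(queries[path]) / n   # share of never-repeated queries
        miss_ratio = misses[path] / n           # share forwarded to the origin
        if n >= min_requests and unique_ratio >= min_unique and miss_ratio >= min_miss:
            suspects[path] = {"requests": n, "unique_ratio": unique_ratio,
                              "miss_ratio": miss_ratio}
    return suspects

if __name__ == "__main__":
    print(cache_bypass_suspects(SAMPLE_LOG))
```

A path flagged this way is a candidate for cache-key normalization or stricter WAF rules on its query parameters; legitimate search endpoints can look similar, so thresholds need tuning against normal traffic.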

Italiaonline again in the storm over Libero and Virgilio e-mail

Meanwhile, in our country, Italiaonline is back in the storm: only today are users reporting the slow recovery of the Libero and Virgilio mail services, interrupted since the night of June 13th. "In the last few hours there has still been instability in the e-mail infrastructure, which prudently forces us not to reopen the normal flow yet," the company declared over the weekend. It is the second "crisis" episode in less than six months: from 23 to 26 January there was a similar case, with about 9 thousand customers unable to access their mailboxes. At the origin of that disruption was a problem with a software update that manages the data storage of this e-mail service.

Slow recovery of services

The outage of Libero Mail and Virgilio Mail is in any case "under resolution", as stated by Italiaonline. "The progressive and constantly monitored reopening of the mailboxes is underway and access via the app is also made available in the same manner," explains a note. "Our technicians are continuing to work to restore the full functionality of the accounts as soon as possible. We are aware of the inconvenience caused and we can only thank the millions of users for their patience. Further updates will be provided as soon as available."

