Successfully attacking Microsoft 365 achieved both of those objectives handily.īy posting the blog entry about its recent outages on the Friday before a long weekend – and not linking Storm-1359 to an attacker – Microsoft appears to have tried to minimize the publicity around this attack. HKEYLOCALMACHINE\SOFTWARE\OFFICE - it does not delete the entire folder. I tried deleting the following registry keys: a. After restarting the app, it goes back to the inactivated MS Office 2019 2. It has suggested the group 'appears to be focused on disruption and publicity.' Switch your Office License - no matter what I do, it wont change to the Office 365 license. Microsoft hasn't linked 'Storm-1359' to Anonymous Sudan, but says the gang 'has access to a collection of botnets and tools that could enable the threat actor to launch DDoS attacks from multiple cloud services and open proxy infrastructures. Microsoft admits Azure Resource Manager failed after code change.Microsoft breaks geolocation, locking users out of Azure and M365.Microsoft’s Azure mishap betrays an industry blind to a big problem.Microsoft keeps quiet amid talk of possible DDoS attack against Azure.That 'tuning' could be the 'reviewing our networking systems and recent updates' referred to in the June 6 tweet. Microsoft hardened layer 7 protections including tuning Azure Web Application Firewall (WAF) to better protect customers from the impact of similar DDoS attacks,' the post states. 'This recent DDoS activity targeted layer 7 rather than layer 3 or 4.
