Azure Updates: DDoS; Defender for App Service; RAMP security for US microelectronics

User Review
0 (0 votes)

Microsoft focused on generalized and individualized security for Azure customers in its week’s updates, as well as issuing updates for Automation, soft deletes and more.

According to Microsoft program manager Alethea Toth, the pandemic drove an increase in DDoS attacks, with a peak in attacks between March and April, 2020. In some cases attacks reached up to 1 tbps, with many originating in the US and the Amsterdam region bearing the greatest brunt of attacks. DDoS for hire has helped to spur the attacks and Microsoft encourages customers to adopt Azure DDoS Protection Standard. Toth wrote:

As we head into the new year, the threat of cyberattacks will continue to rise. We have observed that DDoS attacks are often used as smoke screens to cover up bigger network intrusions, which can wreak immense havoc on both businesses and users. There is also a new brewing national security threat: as healthcare organizations fight to cope with the growing demands of COVID-19, they are also becoming the prime target of cyber-attacks.

According to senior security research manager Ram Pliskin, Microsoft has introduced Defender for App Service dangling DNS protection. Issues with dangling DNS come about when a custom DNS is mapped to a DNS CNAME record for an Azure resource that is no longer provisioned, opening the door to subdomain takeovers.