incident response

Microsoft’s cloud fabric suffered a catastrophic, broadly scoped disruption on 29 October 2025 that knocked Azure Front Door (AFD) and related network/control-plane infrastructure offline, producing cascading outages across Microsoft 365, the Azure Portal, Xbox/Minecraft sign‑in flows and many...

Microsoft Azure experienced a large, cross‑product disruption that knocked the Azure Portal and numerous consumer and enterprise services offline for hours, with Microsoft pointing to a problem in Azure Front Door (AFD) and a suspected configuration change as the trigger while engineers worked...

Microsoft’s Azure cloud experienced a significant service disruption on Wednesday that left thousands of users temporarily unable to access the Azure Portal and, in some reports, affected Microsoft 365 services that depend on Azure infrastructure. Outage-monitoring platforms recorded large...

The October 20 AWS outage tore through the internet’s nervous system, leaving major apps, banks and government services intermittently offline and delivering a blunt reminder: modern digital infrastructure is fast, cheap and startlingly concentrated. Background On October 20, 2025, Amazon Web...

Microsoft Teams has become the collaboration backbone for hybrid organisations, but the platform’s ubiquity has not solved the operational puzzle of managing performance, security, and governance at scale — it’s only made the challenge more visible. Recent coverage highlights that IT leaders now...

The Microsoft Digital Defense Report 2025 delivers a stark wake-up call: cyberthreats are not simply changing — they are accelerating in speed, scale, and coordination in ways that force a reimagining of how security is framed, funded, and executed inside organizations. The most consequential...

The October AWS outage was a blunt reminder that modern IT risk extends well beyond malware and phishing: when core cloud infrastructure falters, business continuity must already be built to survive infrastructure failure, not just adversaries. Keeper Security CEO Darren Guccione warned that...

Microsoft’s Azure control-plane update and a follow-on automation mistake turned routine maintenance into a high-profile availability event that left users around the world unable to load the Azure Portal — and laid bare the practical limits of centralized global routing services like Azure...

A high‑impact elevation‑of‑privilege flaw has been disclosed in the Azure Connected Machine (Azure Arc) agent that can let an authenticated local user — or an attacker with low‑privileged local execution — escalate to SYSTEM/root on Arc‑enabled servers, and potentially abuse machine identities...

Microsoft’s on‑premises SharePoint ecosystem is again at the center of a high‑urgency security incident: an unauthenticated or low‑privilege remote code execution (RCE) chain built from an authentication/spoofing bypass and an unsafe deserialization path has been weaponized in the wild, enabling...

Microsoft 365 suffered a region-wide disruption in North America on October 9, 2025, when a portion of Microsoft’s network infrastructure was misconfigured and briefly knocked a broad set of Microsoft 365 services — including Teams, Exchange Online and the Microsoft 365 admin portals — offline...

Microsoft’s productivity cloud stumbled again, but this time the interruption was short, diagnosable and — crucially — tied to the company’s edge networking fabric rather than a failure inside Office apps themselves. Background: what happened, in plain terms On Thursday, a subset of Microsoft...

If you noticed trouble reaching the Azure Portal, Microsoft Entra, or Microsoft 365 admin pages on the morning of October 9, 2025, you were seeing the visible fallout from a capacity loss in Azure Front Door (AFD) that Microsoft traced to crashed Kubernetes instances underpinning critical edge...

Microsoft’s cloud infrastructure suffered a high-impact service disruption on Thursday morning, leaving administrators and customers across Europe and parts of Africa unable to reach the Azure Portal and numerous customer-facing applications — an event Microsoft traced to a measurable capacity...

Microsoft Azure customers reported widespread trouble accessing the Azure Portal and other services on October 9, 2025, after Microsoft confirmed a capacity loss in Azure Front Door (AFD) that produced intermittent portal outages and downstream service degradation across parts of Europe and...

Permiso’s new open-source tool P0LR Espresso is aimed squarely at the weakest link in cloud defense that most SOCs quietly tolerate: inconsistent, provider-specific log formats that slow investigations and obscure identity-based signals at the moment they matter most. The SiliconANGLE report...

LockBit 5.0 has reappeared as a multi‑platform threat that researchers say can hit Windows, Linux and VMware ESXi hosts in a single campaign — and its blend of enhanced obfuscation, modular design and virtualization‑aware routines makes it a materially different threat for enterprise defenders...

CISA’s new advisory on an incident response engagement lays out a blunt, actionable set of lessons from a compromise that began with a public-facing GeoServer being exploited for remote code execution—and the takeaways should be required reading for any defender running internet-facing services...

CISA’s new advisory is a blunt wake-up call: an endpoint detection and response (EDR) alert at a federal agency triggered an incident response engagement that exposed avoidable failures in patch management, incident response readiness, and threat monitoring—root causes that enabled attackers to...

SonicWall’s security teams confirmed a cloud‑backup incident that exposed a subset of MySonicWall backup “preference” files to a malicious actor, and issued urgent remediation playbooks for affected customers as federal guidance from CISA echoed the vendor’s call for immediate action. The...