Microsoft identified a surge in traffic against some services that affected availability in early June and traced the issue back to threat actor Storm-1359.
The threat actors gained access to botnets and tools to launch the attacks. The company has not seen evidence that customer data was accessed or compromised, but did recommend customers review the technical details and take steps to increase resilience of their environments.
Microsoft recommended customers use layer 7 protection services with bot protection and block IP addresses identified as malicious.
