Technology Fails: A Week of Issues Including OneDrive, Barracuda, and Others

The last week+ has been quite bumpy technology-wise. There have been several outages, issues with applications, downed sites, and more. This post discusses some of the recent applications affected so you know the issue is not you, your login credentials, etc.

Technology Fails: A Week of Issues Including OneDrive, Barracuda, and Others

Last week and into this week several applications have been unable to be logged into, had multifactor fail, and or simply been completely unresponsive.

Microsoft OneDrive

Last week OneDrive, along with several other Microsoft applications, was unavailable for some users off and on. Later in the week OneDrive suffered an outage after a targeted attack. This means anyone who uses OneDrive may have had problems connecting to or syncing files.

What you can do: In this instance, because OneDrive is a cloud-based file storage system, you can simply make sure you have all of your files set to store locally and sync to the cloud. The other option is to store your files in the cloud. The benefit of having your files locally is that you can access them even if you or OneDrive is offline. However, having all of your files stored locally takes more space and you could run into storage issues. You will have to decide, based on your unique setup, which option is best for you.

Additional note: There were several other Microsoft cloud applications that have had issues the past week and a half. These include Teams, SharePoint, and Azure. In general, if you had any issues with Microsoft cloud products over the last week and a half and have not changed anything on your end, it is likely a problem with the application, not you.

Square online payment service

Last week the Square online dashboard suffered a bug that caused it to constantly reload. This meant that users trying to create or modify items were not able to get to the screens they needed to be able to make the changes they needed and/or send invoices. This bug seemed to be limited to the web-based online dashboard.

What you can do: If this issue ever happens again, you can try to access the point of sale application on a mobile device or table to see if it is working properly. While you can access both of these through the web-based application, the online store is different than the point of sale application. Additionally, often times when a web application is having issues, the app is fine and vice versa. Trying the other version will often gain you access to what you need.

Barracuda SPAM filters

So much of the time we hear about vulnerabilities that are active, but not really being taken advantage of at the time. This can be for many reasons, sometimes it is because the attack is complex so a more limited number of people have the skills to exploit it, other times the payout is too little to bother.

Unfortunately, this is not one of those times. Barracuda, a hardware manufacturer of firewalls, content filters, and more, recently had several customers fall victim to a zero-day vulnerability that attackers were successfully able to target. The devices susceptible to the attacks are Email Security Gateway, or ESG, appliances. These devices help filter out SPAM emails to protect user networks.

Initially, when the vulnerability was discovered in May, Barracuda released a patch for the devices. After deploying a second patch, and revealing that devices had been being exploited since October 2022, Barracuda informed customers they needed to replace these devices altogether.

What you can do: In this case, the only real thing that can be done is to replace the exploited ESG. This can be with another device from Barracuda or another of the many security devices available by other vendors.

Additional note: It is not often that a physical device is ordered to be replaced like this and there is no word if there will be a discount towards a new device. If you plan to upgrade, this would be a good question to ask.

Microsoft Outlook

Also last week, Microsoft Outlook suffered from a series of intermittent outages after a claimed distributed denial-of-service, or DDoS, attack. Think of this kind of attack like everyone getting on a freeway at the same time and trying to get to their destination fast - it simply won't happen because there is too much traffic to properly move.

Regardless of how much infrastructure Microsoft has available, there can always be more traffic thrown at it than it can handle. This results in applications being unavailable or seeming sluggish to respond.

What you can do: If you use Microsoft Outlook, there are a couple of things you can do. If you use the local application on either a computer or phone/tablet, all the emails, calendar items and tasks you already had in Outlook will remain and only new items would be missing. If you use Outlook through a web browser, there is not much you can do but wait for the application to be available.

The last few weeks have been full of attacks of all kinds of types against common applications. Microsoft OneDrive and Outlook both suffered outages, Barracuda is encouraging clients with their ESG devices to replace them and Square's online store was consistently reloading, effectively making it unavailable. When applications suffer outages and vulnerabilities, it is helpful to know how you can work around these issues.

As always, knowing what threats and vulnerabilities currently exist is important in helping protect your data!