Comment by bflesch

Microsoft CERT offers forms to fill out about DDOS attacks. I reported their IP addresses and the server they were hitting including the timestamp.

All of the reports to Microsoft CERT had proof-of-concept code and links to github and bugcrowd issues. Microsoft CERT sent me an individual email for every single IP address that was reported for DDOS.

And then half an hour later they sent another email for every single IP address with subject "Notice: Cert.microsoft.com - Case Closure SIRXXXXXXXXX".

I can understand that the meager volume of requests I've sent to my own server doesn't show up in Microsoft's DDOS-recognizer software, but it's just ridiculous that they can't even read the description text or care enough to forward it to their sister company. Just a single person to care enough to write "thanks, we'll look into it".