Urgent Action By Microsoft To Protect Cloud Users

Uploaded on 2021-08-30 in TECHNOLOGY--Resilience, TECHNOLOGY--Developments, FREE TO VIEW

Researchers at the Israeli cloud security startup company, Wiz,  have discovered a massive flaw in the main databases stored in Microsoft Corp's Azure cloud platform and have urged all users to change their digital access keys.

Wiz found  they could have gained access to the primary digital keys for most users of the Cosmos DB database system, allowing them to steal, change or delete millions of records. Alerted by Wiz, Microsoft rapidly fixed the configuration mistake that would have made it easy for any Cosmos user to get into other customers' databases, then notified some users to change their keys.

Microsoft found no evidence that any attackers had used the same flaw to get into customer data. "Our investigation shows no unauthorised access other than the researcher activity... Notifications have been sent to all customers that could be potentially affected due to researcher activity... Though no customer data was accessed, it is recommended you regenerate your primary read-write keys," Microsoft  said in a blog.

The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) went further, making clear it was speaking not just to those notified. "CISA strongly encourages Azure Cosmos DB customers to roll and regenerate their certificate key,"the agency said in a statement.   

Experts at Wiz, founded by veterans of Azure's security team, agreed. "In my estimation, it's really hard for them, if not impossible, to completely rule out that someone used this before," said Wiz Chief Technology Officer Ami Luttwak, an ex-employee at  Microsoft, where  he developed tools for logging cloud security incidents.

When asked if it had comprehensive logs for the two years when the Jupyter Notebook feature was misconfigured, or had used another way to rule out access abuse, a Microsoft spokesman replied "We expanded our search beyond the researcher's activities to look for all possible activity for current and similar events in the past,"

Wiz discovered the vulnerability on 9 August 2021 disclosed the flaw to Microsoft three days later. Within 48 hours Microsoft’s security teams disabled the vulnerable feature.

CERT- CISA:     Wiz:       Reuters:       Brand Equity:      Channel Asia:      Verdict:     Business Hala

You Might Also Read:

Big Data & Cloud Computing - Concurrent  Technologies Of The Digital Revolution:

 

« US Tech Giants To Spend Billions On National Cyber Security
Hackers Steal $100m From Japanese Cryptocurrency Exchange »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clearwater Security & Compliance

Clearwater Security & Compliance

Clearwater Compliance specialize in Privacy, Security, Compliance and Risk Management Solutions for Health Care, Law Firms and other businesses.

Fastpath Solutions

Fastpath Solutions

Fastpath deliver software solutions that enable you to take control of your security, compliance and risk management initiatives.

Slovenian Digital Coalition

Slovenian Digital Coalition

Slovenian Digital Coalition is a coalition working in the field of smart cities, e-commerce, e-skills, e-inclusion, cyber security, internet and other areas related to developing the digital society.

Destel

Destel

Destel is a system integrator and provider of IT services focused on Advanced Network & Security Solutions.

RIGCERT

RIGCERT

RIGCERT provides training, audit and certification services for multiple fields including Information Security.

ISMS.online

ISMS.online

ISMS.online is a cloud software solution for fast & cost-effective implementation of an information security management system and achieve compliance with ISO 27001 and other standards.

DarkOwl

DarkOwl

DarkOwl provides the world’s largest index of darknet content and the tools to efficiently find leaked or otherwise compromised sensitive data.

DeepSeas

DeepSeas

DeepSeas is the result of a merger between Security On-Demand (SOD) and the commercial Managed Threat Services (MTS) business of Booz Allen Hamilton.

Cyber Ireland

Cyber Ireland

Cyber Ireland brings together Industry, Academia and Government to represent the needs of the Cyber Security Ecosystem in Ireland.

Open Quantum Safe (OQS)

Open Quantum Safe (OQS)

The Open Quantum Safe (OQS) project is an open-source project that aims to support the development and prototyping of quantum-resistant cryptography.

Outsource Group

Outsource Group

Outsource Group is an award winning Cyber Security and IT Managed Services group working with a range of SME/Enterprise customers across the UK, Ireland and internationally.

Sunday Cyber

Sunday Cyber

Sunday is a personal cybersecurity platform, built to protect the world’s top executive teams beyond the enterprise perimeter.

Devolutions

Devolutions

Devolutions make best-in-class Privileged Access Management, Password Management, and Remote Connection Management solutions available to ALL organizations — including SMBs.

Ampcus Cyber

Ampcus Cyber

Ampcus Cyber specialize in providing comprehensive security solutions and services that are tailored to safeguard our clients' networks, infrastructure, and valuable assets.

Zafran

Zafran

Zafran is a Risk & Mitigation Platform that defuses threat exploitation by mobilizing existing security tools.

Texaport

Texaport

Texaport's vision is to be the trusted partner of choice for organisations seeking comprehensive IT management and cutting-edge security solutions.