Urgent Action By Microsoft To Protect Cloud Users

Researchers at the Israeli cloud security startup Wiz have discovered a massive flaw in the main databases stored in Microsoft Corp's Azure cloud platform and have urged all users to change their digital access keys.

Wiz found they could have gained access to the primary digital keys for most users of the Cosmos DB database system, allowing them to steal, change or delete millions of records. Alerted by Wiz, Microsoft rapidly fixed the configuration mistake that would have made it easy for any Cosmos user to get into other customers' databases, then notified some users to change their keys.

Microsoft found no evidence that any attackers had used the same flaw to get into customer data. "Our investigation shows no unauthorised access other than the researcher activity... Notifications have been sent to all customers that could be potentially affected due to researcher activity... Though no customer data was accessed, it is recommended you regenerate your primary read-write keys," Microsoft said in a blog.

The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) went further, making clear it was speaking not just to those notified. "CISA strongly encourages Azure Cosmos DB customers to roll and regenerate their certificate key," the agency said in a statement.

Experts at Wiz, founded by veterans of Azure's security team, agreed. "In my estimation, it's really hard for them, if not impossible, to completely rule out that someone used this before," said Wiz Chief Technology Officer Ami Luttwak, an ex-employee at Microsoft, where he developed tools for logging cloud security incidents.

When asked if it had comprehensive logs for the two years when the Jupyter Notebook feature was misconfigured, or had used another way to rule out access abuse, a Microsoft spokesman replied, "We expanded our search beyond the researcher's activities to look for all possible activity for current and similar events in the past."

Wiz discovered the vulnerability on 9 August 2021 and disclosed the flaw to Microsoft three days later. Within 48 hours Microsoft's security teams disabled the vulnerable feature.

CERT-CISA, Wiz, Reuters, Brand Equity, Channel Asia, Verdict, Business Hala
