Urgent Action By Microsoft To Protect Cloud Users

Researchers at the Israeli cloud security startup company, Wiz,  have discovered a massive flaw in the main databases stored in Microsoft Corp's Azure cloud platform and have urged all users to change their digital access keys.

Wiz found  they could have gained access to the primary digital keys for most users of the Cosmos DB database system, allowing them to steal, change or delete millions of records. Alerted by Wiz, Microsoft rapidly fixed the configuration mistake that would have made it easy for any Cosmos user to get into other customers' databases, then notified some users to change their keys.

Microsoft found no evidence that any attackers had used the same flaw to get into customer data. "Our investigation shows no unauthorised access other than the researcher activity... Notifications have been sent to all customers that could be potentially affected due to researcher activity... Though no customer data was accessed, it is recommended you regenerate your primary read-write keys," Microsoft  said in a blog.

The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) went further, making clear it was speaking not just to those notified. "CISA strongly encourages Azure Cosmos DB customers to roll and regenerate their certificate key,"the agency said in a statement.   

Experts at Wiz, founded by veterans of Azure's security team, agreed. "In my estimation, it's really hard for them, if not impossible, to completely rule out that someone used this before," said Wiz Chief Technology Officer Ami Luttwak, an ex-employee at  Microsoft, where  he developed tools for logging cloud security incidents.

When asked if it had comprehensive logs for the two years when the Jupyter Notebook feature was misconfigured, or had used another way to rule out access abuse, a Microsoft spokesman replied "We expanded our search beyond the researcher's activities to look for all possible activity for current and similar events in the past,"

Wiz discovered the vulnerability on 9 August 2021 disclosed the flaw to Microsoft three days later. Within 48 hours Microsoft’s security teams disabled the vulnerable feature.

CERT- CISA:     Wiz:       Reuters:       Brand Equity:      Channel Asia:      Verdict:     Business Hala

You Might Also Read:

Big Data & Cloud Computing - Concurrent  Technologies Of The Digital Revolution:

 

« US Tech Giants To Spend Billions On National Cyber Security
Hackers Steal $100m From Japanese Cryptocurrency Exchange »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Conscia

Conscia

Conscia provides IT infrastructure solutions and 24/7 services in network, data center, security and mobility.

AppViewX

AppViewX

AppViewX is a global leader in the management, automation and orchestration of network services in data centers.

CyberGuarded

CyberGuarded

CyberGuarded are an accredited vendor independent information security testing and auditing company.

SBD Automotive

SBD Automotive

SBD Automotive are specialists in automotive technology providing independent research and consultancy to help create smarter, more secure, better connected, and increasingly autonomous cars.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MOXFIVE

MOXFIVE

MOXFIVE is a specialized technical advisory firm founded to bring clarity to the complexity of cyber attacks.

Paradyn

Paradyn

Paradyn-managed security services can provide a holistic view of your business environment, no matter how simple or complex it is.

Ampere Industrial Security

Ampere Industrial Security

Ampere is an industrial security firm. We specialize in industrial control systems (ICS) and operational technology (OT) security.

Communicate Technology

Communicate Technology

Communicate Technology are IT, telecoms and cyber-security specialists, keeping over 500 businesses and 50,000 users connected and secure across the UK.

Enzen

Enzen

Enzen is a global knowledge practice that provides consulting, technology, engineering, operating and innovation services to the energy and utility sectors.

Tech Vedika

Tech Vedika

Tech Vedika has access to technical guidance, training and resources from AWS to successfully undertake solution architecture, application development, application migration, and managed services.

Rimini Street

Rimini Street

Rimini Street is a global provider of enterprise software support products and services, and the leading third-party support provider for Oracle and SAP software products.

Guardsman Cyber Intelligence (GCI)

Guardsman Cyber Intelligence (GCI)

GCI provides proven cyber intelligence solutions to protect your business against ever present physical and digital threats shadowing your online business.

Singularico

Singularico

Singularico help secure your software using the power of AI.

Thunder Shield Security

Thunder Shield Security

Thunder Shield is a professional cyber security service provider of penetration test, source code review and security assessment services.

IDVerse

IDVerse

IDVerse is focused on making user verification effortless through technology. We build intelligent tools that protect users from identity fraud while enabling a seamless user experience.