Urgent Action By Microsoft To Protect Cloud Users

Uploaded on 2021-08-30 in TECHNOLOGY--Resilience, TECHNOLOGY--Developments, FREE TO VIEW

Researchers at the Israeli cloud security startup company, Wiz,  have discovered a massive flaw in the main databases stored in Microsoft Corp's Azure cloud platform and have urged all users to change their digital access keys.

Wiz found  they could have gained access to the primary digital keys for most users of the Cosmos DB database system, allowing them to steal, change or delete millions of records. Alerted by Wiz, Microsoft rapidly fixed the configuration mistake that would have made it easy for any Cosmos user to get into other customers' databases, then notified some users to change their keys.

Microsoft found no evidence that any attackers had used the same flaw to get into customer data. "Our investigation shows no unauthorised access other than the researcher activity... Notifications have been sent to all customers that could be potentially affected due to researcher activity... Though no customer data was accessed, it is recommended you regenerate your primary read-write keys," Microsoft  said in a blog.

The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) went further, making clear it was speaking not just to those notified. "CISA strongly encourages Azure Cosmos DB customers to roll and regenerate their certificate key,"the agency said in a statement.   

Experts at Wiz, founded by veterans of Azure's security team, agreed. "In my estimation, it's really hard for them, if not impossible, to completely rule out that someone used this before," said Wiz Chief Technology Officer Ami Luttwak, an ex-employee at  Microsoft, where  he developed tools for logging cloud security incidents.

When asked if it had comprehensive logs for the two years when the Jupyter Notebook feature was misconfigured, or had used another way to rule out access abuse, a Microsoft spokesman replied "We expanded our search beyond the researcher's activities to look for all possible activity for current and similar events in the past,"

Wiz discovered the vulnerability on 9 August 2021 disclosed the flaw to Microsoft three days later. Within 48 hours Microsoft’s security teams disabled the vulnerable feature.

CERT- CISA:     Wiz:       Reuters:       Brand Equity:      Channel Asia:      Verdict:     Business Hala

You Might Also Read:

Big Data & Cloud Computing - Concurrent  Technologies Of The Digital Revolution:

 

« US Tech Giants To Spend Billions On National Cyber Security
Hackers Steal $100m From Japanese Cryptocurrency Exchange »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

4Secure

4Secure

For over two decades, 4Secure has specialised in cyber security consultancy, safeguarding the worlds critical Infrastructure through securely bridging air gapped networks.

Mellanox Technologies

Mellanox Technologies

Mellanox Technologies is a leading supplier of end-to-end Ethernet and InfiniBand intelligent interconnect solutions and services for servers, storage, and hyper-converged infrastructure.

CloudSigma

CloudSigma

CloudSigma, a pure-cloud IaaS provider offers flexible and innovative cloud hosting solutions for companies of all sizes both in Europe and the US.

BetterCloud

BetterCloud

BetterCloud puts IT in control of the modern workplace through user lifecycle management, data discovery, and IT and security automation purpose-built for SaaS.

Exabeam

Exabeam

Exabeam is a global cybersecurity leader that delivers AI-driven security operations.

BlueVoyant

BlueVoyant

BlueVoyant's Cyber Defense Platform is security operations platform that provides real-time threat monitoring for networks, endpoints, and supply chains.

ReversingLabs

ReversingLabs

ReversingLabs develops cyber threat detection and mitigation tools that address the the latest directed attacks, advanced persistent threats and polymorphic malware.

Waratek

Waratek

Waratek is a pioneer in the next generation of application security solutions known as Runtime Application Self-Protection or RASP.

Aveshka

Aveshka

Aveshka is a professional services firm focused on addressing complex threats and challenges including Cybersecurity and Information Technology.

Volatility Foundation

Volatility Foundation

Volatility is an open source memory forensics framework for incident response and malware analysis.

Antiy Labs

Antiy Labs

Antiy Labs is a vender of antivirus engine and solution, providing the best-in-breed antivirus engine and next generation antivirus services for confronting PC malware and mobile malware.

IDnow

IDnow

IDnow is the world’s fastest, most flexible and most secure identity verification platform, delivering instant verification of the identity documents used by 7 billion people.

Uniwan

Uniwan

Uniwan is an IT services company specializing in networking and security.

Ethyca

Ethyca

Ethyca builds automated data privacy infrastructure and tools for developers and privacy teams to easily build products that comply with GDPR, CCPA Privacy Regulations.

In Fidem

In Fidem

In Fidem specializes in information security management, with a bold approach that views cybersecurity as a springboard to organizational transformation rather than a barrier to innovation.

Association for Uncrewed Vehicle Systems International (AUVSI)

Association for Uncrewed Vehicle Systems International (AUVSI)

AUVSI is the world's largest nonprofit organization dedicated to the advancement of uncrewed systems and robotics. Focus areas include cyber security for uncrewed systems and robotics.