Microsoft has now started warning its cloud computing customers that intruders might have the ability to read, change or delete their main databases.
The vulnerability has been detected in Microsoft Azure’s flagship Cosmos DB database.
Microsoft Cloud Hacked; Microsoft Warns Companies Of Threat To Databases
As per reports, a research team at the security company Wiz discovered that they were able to access the keys that control the access to databases held by thousands of companies.
Microsoft has warned its cloud computing customers, which include some of the world’s largest companies that these intruders were able to modify their databases, as confirmed by a copy of the email and a cyber security researcher.
As Microsoft cannot change these keys by itself, an email has been sent to the customers and told them to create new ones. Microsoft is reportedly paying Wiz $40,000 for finding the flaw and reporting it.
The Wiz Chief Technology Officer Ami Luttwak is a former chief technology officer at Microsoft’s Cloud Security Group.
Microsoft has emailed its customers stating that the vulnerability has been fixed and that there was no evidence that the flaw had been exploited. As per the email, “We have no indication that external entities outside the researcher (Wiz) had access to the primary read-write key.”
As per Luttwak, this is the worst cloud vulnerability ever. “This is the central database of Azure, and we were able to get access to any customer database that we wanted.”
Flaw Detected In Visualization Tool
The flaw was detected in a visualization tool called Jupyter Notebook, and has been available for years. This flaw was enabled by default in Cosmos starting in February. As per Luttwak, customers who haven’t been notified by Microsoft can have their keys exchanged by attackers. This means that intruders will have access until those keys are changed.
We recently reported to you that more than 20,000 U.S. organizations have been compromised through a back door installed via recently patched flaws in Microsoft Corp’s email software, as confirmed by a person familiar with the U.S. government’s response.
More people have been hacked than all of the corrupted code downloaded from SolarWinds Corp, the company at the centre of another major hacking spree discovered in December. The latest hack has left channels for remote access spread across credit unions, city governments, and small businesses, according to the U.S. investigation.
Comments are closed, but trackbacks and pingbacks are open.