Microsoft warns thousands of Azure customers about exposed databases
Category: #tech  | By Nikita Chaurasia  | Date: 2021-08-28 |
  • shareshare_icon
  • Twitter
  • Facebook
  • LinkedIn

Microsoft warns thousands of Azure customers about exposed databases
  • Security firm Wiz identified a flaw in Microsoft Azure that allowed it to read, modify, and delete the databases of various corporate clients.
  • Microsoft claims there is no proof that the flaw had been exploited.

Microsoft Corporation recently issued a warning for its Azure customers that hackers may have gained access to their data through an exploitable vulnerability in the cloud service.

Researchers at Wiz Inc. discovered the flaw in Microsoft Azure's Cosmos DB platform, which gave them access to keys that control databases held by several firms such as Exxon-Mobil Corp., Coca-Cola Co., and Citrix Systems Inc., among others.

Since Microsoft cannot alter those keys on its own, clients were asked to create new ones via an email from the company. According to the email from Microsoft to Wiz, the company promised to pay USD 40,000 for discovering and disclosing the problem.

In an email to customers, Microsoft stated that it had fixed the vulnerability, and there was no evidence of exploitation of the flaw. They do not find any indication that anyone other than the researchers (at Wiz) had access to the primary read-write key.

Wiz CTO, Ami Luttwak, expressed this is the worst cloud vulnerability anybody can think of. They were able to get access to whichever customer database they wanted, he added.

Further, the tech giant has also been in the news for its other security issues. The same alleged Russian government hackers who broke into SolarWinds stole Microsoft’s source code. Also, a recently implemented repair for a printer vulnerability that enabled computer takeovers had to be redone several times.

Last week, ransomware gangs exploited a flaw in the company’s Exchange email, prompting an urgent U.S. government warning that clients must apply updates released months ago.

In other news, Microsoft released an advisory regarding three vulnerabilities collectively termed Proxyshell, after security researchers at a federal government cybersecurity organization warned that hackers were actively trying to exploit them.

Source Credits –

https://financialpost.com/pmn/business-pmn/microsoft-warns-thousands-of-cloud-customers-of-exposed-databases-emails

  • shareshare_icon
  • Twitter
  • Facebook
  • LinkedIn


About Author

Nikita Chaurasia     twitter

Nikita Chaurasia

Having always been daft at wordplay, Nikita Chaurasia, post the completion of post-graduation, commenced her journey into the content generation cosmos. Endowed with a professional MBA degree in Advertising and Public Relations, Nikita strives to integrate her creativ...

Read More..

More News By Nikita Chaurasia

Arm Holdings achieves $54.5 Billion Valuation in successful U.S. IPO

Arm Holdings achieves $54.5 Billion Valuation in successful U.S. IPO

By Nikita Chaurasia

Arm Holdings Plc, the renowned chip designer, has reportedly secured a valuation of $54.5 billion through its U.S. initial public offering (IPO) on Wednesday. This milestone comes seven years after its acquisition by SoftBank Group Corp for $32 billi...

JSW Steel to increase its capacity by double in the next 3 years

JSW Steel to increase its capacity by double in the next 3 years

By Nikita Chaurasia

According to Chairman Sajjan Jindal, JSW Steel has set a target to increase its capacity to 50 million tonnes within the next three years. Speaking at an event organized by the Bombay Chartered Accountants Society, Jindal also mentioned the company&#...

KLM unveils World Business Class Seats for optimal comfort & privacy

KLM unveils World Business Class Seats for optimal comfort & privacy

By Nikita Chaurasia

KLM Royal Dutch Airlines has reportedly unveiled its latest World Business Class seats, designed to provide enhanced comfort and privacy. The World Business Class seats feature a sliding door, ensuring a greater sense of personal space. Additional...