Caution, Microsoft cloud user data leaks

Researchers have discovered a huge gap in the main database stored on the Microsoft Corp Azure cloud platform. Saturday urged all users to change their digital passwords.

screenshot 2021 08 30 at 08 54 32 researchers, cybersecurity agency urge action by microsoft cloud database users

Researchers at a cloud security company called Wiz discovered this month that they could have accessed the master digital keys for most users of the Cosmos DB database system, allowing them to steal, delete or modify millions of files. .

As notified by Wiz, Microsoft quickly corrected a configuration error that would make it easier for any Cosmos user to log in to other customers' databases, and alerted some users on Thursday to change their keys.

In a post Friday, Microsoft said it had warned customers who installed Cosmos Access during the week. No evidence was found that any of the attackers had used the same flaw to enter customer data.

The US Department of Homeland Security's Cybersecurity and Infrastructure Security Service used strict language in press release on Friday, making it clear that you are not just referring to those who have already been informed.

When Microsoft was asked if the Jupyter Notebook feature was not configured properly or if another method was used to prevent access abuse, Microsoft was reluctant to respond immediately.

Wiz said Microsoft had worked closely with it on the investigation, but declined to say whether previous customers were safe.

iGuRu.gr The Best Technology Site in Greeceggns

Get the best viral stories straight into your inbox!















Microsoft, Azure

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).