Caution, Microsoft cloud user data leaks

Researchers have discovered a huge gap in the main database stored on the Microsoft Corp Azure cloud platform. Saturday urged all users to change their digital passwords.

screenshot 2021 08 30 at 08 54 32 researchers, cybersecurity agency urge action by microsoft cloud database users

As reported, researchers at a cloud security company called Wiz discovered this month that they could have gained access to the master digital keys for most users of the Cosmos DB database system, allowing them to steal, delete or change millions of .

As notified by Wiz, Microsoft quickly corrected a configuration error that would make it easier for any Cosmos user to log in to other customers' databases, and alerted some users on Thursday to change their keys.

In a post Friday, Microsoft said it had warned customers who installed Cosmos Access during the week. No evidence was found that any of the attackers had used the same flaw to enter customer data.

Its Cyber ​​Security and Infrastructure Security Agency U.S. Department of Homeland Security used strong language in press release on Friday, making it clear that you are not just referring to those who have already been informed.

When Microsoft was asked if the Jupyter was not properly configured or some other method was used to prevent access abuse, Microsoft was reluctant to respond immediately.

Wiz said Microsoft worked closely with her on the , but refused to confirm that previous customers were safe.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.
Microsoft, Azure

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).