Huge Cloud Vulnerability Found in Microsoft Azure

This month, researchers discovered a dangerous security vulnerability in Microsoft Azure, that could give cybercriminals admin access to all user databases in Cosmos DB.

The Issue

Researches from the security company Wiz found that it is easy for one to gain the primary keys to all databases. This gives cybercriminals the ability to read, change or delete information.

The vulnerability might have been present since the 2019 release of Jupyter Notebook. The researchers called it ChaosDB.

Wiz CTO and former chief technology officer at Microsoft’s Cloud Security Group Ami Luttwak said: “This is the worst cloud vulnerability you can imagine. It is a long-lasting secret. This is the central database of Azure, and we were able to get access to any customer database that we wanted”.

Microsoft’s Actions

Microsoft, however, cannot change the access keys. So, it sent mass emails to potentially affected customers to warn them about the issue.

The company also fixed the configuration mistake, which was the root of the issue.

“Our investigation shows no unauthorized access other than the researcher activity. Notifications have been sent to all customers that could be potentially affected due to researcher activity,” Microsoft announced. 

The Statistics

The case should serve as a warning for all database software users. 

Statistics also show that:

Vulnerabilities similar to ChaosDB are just giving hackers the upper hand.

Sources

ABOUT AUTHOR

Devoted my whole life to words - reading, writing and trying to be original on social media. Got certified in digital marketing - still not cool enough to be an influencer. Finished a master’s degree focused in Literature, Publishing, Mass Media. Hobbies include traveling, reading and hoping that yoga will be the thing to finally teach me some patience. Would like to take over the world at some point, but that’s an optional dream. Maybe modern tech can help me do that?

Latest from Teodora

What Is SEO Writing Employee Theft Statistics That You Don’t Want to Miss in 2021 15 Disturbing Workplace Violence Statistics for 2021 White-Collar Crime Statistics That You May Not Know About in 2021

Leave a Reply

Your email address will not be published. Required fields are marked *