The Game Awards Nominees Are Finally Here: God of War Leads
![Selma Citakovic]()
Selma Citakovic
Updated · Nov 16, 2022
Huge Cloud Vulnerability Found in Microsoft Azure
Teodora Dobrilova
Updated · Feb 21, 2022
Techjury is supported by its audience. When you purchase through links on
our site, we may earn an affiliate commission.
Learn
more.
![x]()
Advertiser Disclosure
This page may contain links to our partners’ products and services, which allows us to keep our website sustainable. Тechjury.net may receive a compensation when you sign up and / or purchase a product or a service using our links. As an Amazon Associate we earn commissions from qualified purchases. This comes at no extra cost to you. On the contrary, these partnerships often allow us to give you discounts and lower prices. However, all opinions expressed on our site are solely ours, and this content is in no way provided or influenced by any of our partners.
This month, researchers discovered a dangerous security vulnerability in Microsoft Azure, that could give cybercriminals admin access to all user databases in Cosmos DB.
The Issue
Researches from the security company Wiz found that it is easy for one to gain the primary keys to all databases. This gives cybercriminals the ability to read, change or delete information.
The vulnerability might have been present since the 2019 release of Jupyter Notebook. The researchers called it ChaosDB.
Wiz CTO and former chief technology officer at Microsoft's Cloud Security Group Ami Luttwak said: "This is the worst cloud vulnerability you can imagine. It is a long-lasting secret. This is the central database of Azure, and we were able to get access to any customer database that we wanted".
Microsoft’s Actions
Microsoft, however, cannot change the access keys. So, it sent mass emails to potentially affected customers to warn them about the issue.
The company also fixed the configuration mistake, which was the root of the issue.
"Our investigation shows no unauthorized access other than the researcher activity. Notifications have been sent to all customers that could be potentially affected due to researcher activity," Microsoft announced.
The Statistics
The case should serve as a warning for all database software users.
Statistics also show that:
- There’s a new cyberattack every 39 seconds.
- Companies suffered roughly 22 security breaches last year.
Vulnerabilities similar to ChaosDB are just giving hackers the upper hand.
Teodora Dobrilova
Teodora devoted her whole life to words – reading, writing and trying to be original on social media. She got certified in digital marketing but still feels she’s not cool enough to be an influencer. (We all disagree – she influences the team pretty well.) She finished a master’s degree focused in Literature, Publishing, Mass Media. Her hobbies include traveling, and reading. Teddy hopes that yoga will be the thing to finally teach her some patience and show her the path toward world domination. Maybe modern tech can also help her with that.
Latest from Author
Leave your comment
Your email address will not be published.
PlayStation Discord Integration Is Reportedly Coming In March
![Dejan Cvetnarevic]()
Dejan Cvetnarevic
Updated · Oct 31, 2022
EA Games Announces The Sims 5: What Can Fans Expect?
![Dejan Cvetnarevic]()
Dejan Cvetnarevic
Updated · Oct 20, 2022
Google Stadia Shutting Down
![Dejan Cvetnarevic]()
Dejan Cvetnarevic
Updated · Sep 30, 2022