Microsoft revealed Thursday that some customers’ CosmosDB databases in Azure were accidentally left wide open. A security researcher named Wiz discovered that it could access keys that unlocked thousands of customers’ databases.
Microsoft has issued a fix and contacted affected customers so they can change their keys.
“This is the worst cloud vulnerability you can imagine. It is a long-lasting secret,” Wiz Chief Technology Officer Ami Luttwak told Reuters. “This is the central database of Azure, and we were able to get access to any customer database that we wanted.”
Reuters has full details in their article.
In related news, thousands of MySQL and PostgreSQL databases on LowEnd hosts continued to work securely.
Related Posts:
Hybrid Hosting: The Preferred New Solution for IT Leaders
Google is Building a Datacenter in...um, Where...?!?
Microsoft: VMware Pricing "Gave The World The Greatest Gift Of All"
LowEndLOLs: CrowdStrike Meme Starter Pack
The Top 20 CrowdStrike Memes You Can Enjoy While You Fix Servers
Install Windows Server on any VPS or Dedicated Server without KVM/iLO or IPMI!
Dread Lord of LowEnd Content at LowEndBox
I'm raindog308, techno polymath and long-time LowEndTalk community Administrator. My technical interests include all things Unix, perl, python, golang, shell scripting, vintage operating systems such as MVS, and relational database systems such as Oracle, PostgreSQL, and MySQL.
I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.
I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308
I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.
I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308
Latest posts by raindog308 (see all)
- IncogNET Teases Their Takeover of the Privacy-Focused Email Hosting Industry - November 17, 2024
- COMMUNITY NEWS: RackNerd LLC, Global IaaS Provider, Expands European Footprint with New Dublin, Ireland Datacenter - November 16, 2024
- Hey Providers – Want Some FREE Advertising During the SuperBowl? - November 14, 2024
Leave a Reply