LowEndBox - Cheap VPS, Hosting and Dedicated Server Deals

Microsoft Azure’s CosmosDB Accidentally Left Wide Open

Tags: , , , Date/Time: August 27, 2021 @ 12:00 pm, by raindog308

Microsoft AzureMicrosoft revealed Thursday that some customers’ CosmosDB databases in Azure were accidentally left wide open. A security researcher named Wiz discovered that it could access keys that unlocked thousands of customers’ databases.

Microsoft has issued a fix and contacted affected customers so they can change their keys.

“This is the worst cloud vulnerability you can imagine. It is a long-lasting secret,” Wiz Chief Technology Officer Ami Luttwak told Reuters. “This is the central database of Azure, and we were able to get access to any customer database that we wanted.”

Reuters has full details in their article.

In related news, thousands of MySQL and PostgreSQL databases on LowEnd hosts continued to work securely.

I'm Andrew, techno polymath and long-time LowEndTalk community Moderator. My technical interests include all things Unix, perl, python, shell scripting, and relational database systems. I enjoy writing technical articles here on LowEndBox to help people get more out of their VPSes.

No Comments

    Leave a Reply

    Some notes on commenting on LowEndBox:

    • Do not use LowEndBox for support issues. Go to your hosting provider and issue a ticket there. Coming here saying "my VPS is down, what do I do?!" will only have your comments removed.
    • Akismet is used for spam detection. Some comments may be held temporarily for manual approval.
    • Use <pre>...</pre> to quote the output from your terminal/console, or consider using a pastebin service.

    Your email address will not be published. Required fields are marked *