August 27, 2021 @ 12:00 pm, by raindog308
Microsoft revealed Thursday that some customers’ CosmosDB databases in Azure were accidentally left wide open. A security researcher named Wiz discovered that it could access keys that unlocked thousands of customers’ databases.
Microsoft has issued a fix and contacted affected customers so they can change their keys.
“This is the worst cloud vulnerability you can imagine. It is a long-lasting secret,” Wiz Chief Technology Officer Ami Luttwak told Reuters. “This is the central database of Azure, and we were able to get access to any customer database that we wanted.”
Reuters has full details in their article.
In related news, thousands of MySQL and PostgreSQL databases on LowEnd hosts continued to work securely.
Dread Lord of LowEnd Content at LowEndBox
I'm Andrew, techno polymath and long-time LowEndTalk community Moderator. My technical interests include all things Unix, perl, python, golang shell scripting, and relational database systems such as Oracle, PostgreSQL, and MySQL. I enjoy writing technical articles here on LowEndBox to help people get more out of their VPSes.
Latest posts by raindog308 (see all)
- GSuite Free Legacy: No Longer Free - January 19, 2022
- Microsoft Acquires Activision - January 19, 2022
- Painless Removable Media Backups…to the Cloud! - January 17, 2022
Leave a Reply