{"id":42388,"date":"2021-08-27T09:28:04","date_gmt":"2021-08-27T09:28:04","guid":{"rendered":"http:\/\/icloud.pe\/blog\/?guid=95d661da83c156eaa104140dedb1d48e"},"modified":"2021-08-27T09:28:04","modified_gmt":"2021-08-27T09:28:04","slug":"microsoft-azure-flaw-exposed-thousands-of-customer-databases","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/microsoft-azure-flaw-exposed-thousands-of-customer-databases\/","title":{"rendered":"Microsoft Azure flaw exposed &#8216;thousands&#8217; of customer databases"},"content":{"rendered":"<p><span class=\"field field-name-field-author field-type-node-reference field-label-hidden\"><br \/>\n      <span class=\"field-item even\"><a href=\"https:\/\/www.cloudpro.co.uk\/authors\/bobby-hellard\">Bobby Hellard<\/a><\/span><br \/>\n  <\/span><\/p>\n<div class=\"field field-name-field-published-date field-type-datetime field-label-hidden\">\n<div class=\"field-items\">\n<div class=\"field-item even\"><span class=\"date-display-single\">27 Aug, 2021<\/span><\/div>\n<\/p><\/div>\n<\/div>\n<p class=\"short-teaser\">\n<a href=\"https:\/\/www.cloudpro.co.uk\/\" title=\"\" class=\"combined-link\"><\/a><\/p>\n<div class=\"field field-name-body\">\n<p><a href=\"https:\/\/www.itpro.co.uk\/microsoft\" >Microsoft<\/a>\u00a0has warned thousands of its Azure cloud customers that their main databases have been compromised.<\/p>\n<p>The impacted customers included some of the world&#8217;s largest companies, according to cyber security researcher\u00a0<a href=\"https:\/\/www.wiz.io\/blog\/chaosdb-how-we-hacked-thousands-of-azure-customers-databases\" >Wiz<\/a>.\u00a0<\/p>\n<p><!--wysiwyg_see-related_plugin--><\/p>\n<p>\nThe vulnerability is in Microsoft&#8217;s\u00a0<a href=\"https:\/\/www.itpro.co.uk\/microsoft-azure\" >Azure<\/a>\u00a0Cosmos database and allows intruders to read, change and even delete customer information, according to Wiz. The researchers were able to find keys that control access to databases held by &#8220;thousands&#8221; of companies.<\/p>\n<p>The chief technology officer of Wiz, Ami Luttwak, is former\u00a0<a href=\"https:\/\/www.itpro.co.uk\/strategy\/28237\/cto-job-description-what-does-a-cto-do\" >CTO<\/a>\u00a0of Microsoft&#8217;s Cloud Security Group. Her team found the exploit, dubbed &#8216;ChaosDB&#8217;, on 9 August and notified Microsoft on 12 August.\u00a0<\/p>\n<p>&#8220;This is the worst cloud vulnerability you can imagine. It is a long-lasting secret,&#8221; Luttwak told\u00a0<a href=\"https:\/\/www.reuters.com\/technology\/exclusive-microsoft-warns-thousands-cloud-customers-exposed-databases-emails-2021-08-26\/\" ><em>Reuters<\/em><\/a>. &#8220;This is the central database of Azure, and we were able to get access to any customer database that we wanted.&#8221;<\/p>\n<p><em>IT Pro<\/em>\u00a0has approached Microsoft for comment, but it seems that it cannot change the access keys by itself, according to emails sent by the company to Wiz. The tech giant has reportedly agreed to pay the security researchers $40,000 for finding the flaw and reporting it.<\/p>\n<p>In the email to customers, Microsoft said it has fixed the vulnerability, adding that there was no evidence the flaw had been exploited: &#8220;We have no indication that external entities outside the researcher (Wiz) had access to the primary read-write key,&#8221; it said.\u00a0<\/p>\n<p>This latest disclosure comes just a few months after the SolarWinds hack, where actors suspected to be working for the Russian government\u00a0<a href=\"https:\/\/www.itpro.co.uk\/security\/358216\/hackers-accessed-microsoft-source-code-in-solarwinds-attack\" >stole Microsoft&#8217;s source code<\/a>\u00a0and caused breaches and issues around the world.<\/p>\n<p>Exchange email flaws were still cropping up last week, with the US government sending out a warning that customers needed to instal\u00a0patches that were issued months ago because ransomware gangs were now exploiting them.\u00a0 <\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>      Bobby Hellard<\/p>\n<p>        27 Aug, 2021    <\/p>\n<p>      Microsoft\u00a0has warned thousands of its Azure cloud customers that their main databases have been compromised.<br \/>\nThe impacted customers included some of the world&#8217;s largest companies, according to &#8230;<\/p>\n","protected":false},"author":403,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-42388","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/42388","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/403"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=42388"}],"version-history":[{"count":1,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/42388\/revisions"}],"predecessor-version":[{"id":42389,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/42388\/revisions\/42389"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=42388"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=42388"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=42388"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}