Microsoft Azure cloud vulnerability is the ‘worst you can imagine’

by
Thomas Ricker
from The Verge on (#5NV5D)
acastro_170629_1777_0008_v2.0.jpg Another day, another major Microsoft vulnerability. | Illustration by Alex Castro / The Verge

Microsoft has warned thousands of its Azure cloud computing customers, including many Fortune 500 companies, about a vulnerability that left their data completely exposed for the last two years.

A flaw in Microsoft's Azure Cosmos DB database product left more than 3,300 Azure customers open to complete unrestricted access by attackers. The vulnerability was introduced in 2019 when Microsoft added a data visualization feature called Jupyter Notebook to Cosmos DB. The feature was turned on by default for all Cosmos DBs in February 2021.

A listing of Azure Cosmos DB clients includes companies like Coca Cola, Liberty Mutual Insurance, ExxonMobil, and Walgreens, to name just a few.

We were able to get access to any customer database that we...

Continue reading...

External Content
Source RSS or Atom Feed
Feed Location http://www.theverge.com/rss/index.xml
Feed Title The Verge
Feed Link https://www.theverge.com/
Reply 0 comments