Users of Microsoft cloud platform, change your password quickly
Researchers from cloud security company Wiz discovered this month that they can gain access to the primary digital keys of most users of the Cosmos DB database system
Ami Rojkes Dombe
| 30/08/2021
After finding a flaw in the main databases stored in Microsoft's cloud platform, researchers called Saturday on all users, not just the 3,300 it already notified, to change their digital access keys.
As first reported by Reuters, researchers from cloud security company Wiz discovered this month that they could gain access to the primary digital keys of most users of the Cosmos DB database system, which would enable them to steal, change or delete millions of records.
According to a statement by Wiz, Microsoft quickly fixed the configuration mistake that enabled any Cosmos user to enter other customers' databases, and then notified some of the users to change their keys.
In a post published on its blog on Friday, Microsoft said it warned customers which had set up Cosmos access during the weeklong research period. No evidence that attackers used the flaw to enter customer databases has been found.
"Our investigation shows no unauthorized access other than the researcher activity," Microsoft wrote. "Notifications have been sent to all customers that could be potentially affected due to researcher activity." It added that "Though no customer data was accessed, it is recommended you regenerate your primary read-write keys."
In a statement on Friday, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency used stronger language, making clear it was addressing all Cosmos customers, not only those notified. "CISA strongly encourages Azure Cosmos DB customers to roll and regenerate their certificate key," the agency said.
"In my estimation, it’s really hard for them, if not impossible, to completely rule out that someone used this before,” said a source at Wiz.
Rare-earth elements between the United States of America and the People's Republic of China
The Eastern seas after Afghanistan: the UK and Australia come to the rescue of the United States in a clumsy way
The failure of the great games in Afghanistan from the 19th century to the present day
Russia, Turkey and United Arab Emirates. The intelligence services organize and investigate
Researchers from cloud security company Wiz discovered this month that they can gain access to the primary digital keys of most users of the Cosmos DB database system
After finding a flaw in the main databases stored in Microsoft's cloud platform, researchers called Saturday on all users, not just the 3,300 it already notified, to change their digital access keys.
As first reported by Reuters, researchers from cloud security company Wiz discovered this month that they could gain access to the primary digital keys of most users of the Cosmos DB database system, which would enable them to steal, change or delete millions of records.
According to a statement by Wiz, Microsoft quickly fixed the configuration mistake that enabled any Cosmos user to enter other customers' databases, and then notified some of the users to change their keys.
In a post published on its blog on Friday, Microsoft said it warned customers which had set up Cosmos access during the weeklong research period. No evidence that attackers used the flaw to enter customer databases has been found.
"Our investigation shows no unauthorized access other than the researcher activity," Microsoft wrote. "Notifications have been sent to all customers that could be potentially affected due to researcher activity." It added that "Though no customer data was accessed, it is recommended you regenerate your primary read-write keys."
In a statement on Friday, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency used stronger language, making clear it was addressing all Cosmos customers, not only those notified. "CISA strongly encourages Azure Cosmos DB customers to roll and regenerate their certificate key," the agency said.
"In my estimation, it’s really hard for them, if not impossible, to completely rule out that someone used this before,” said a source at Wiz.