14 DAY TRIAL // Microsoft sent out a warning to thousands of cloud computing customers regarding threat actors that can view, modify, or even delete master databases if they gain access to their systems, according to Reuters.
Wiz announced that Microsoft Azure's flagship Cosmos database contain a vulnerability that allows access to keys that control access to the databases of hundreds of companies. Unable to update those keys itself, Microsoft sent an email to its customers Thursday asking them to create new keys. The software giant compensated Wiz with $40,000 in cash for discovering and reporting the security flaw.
Microsoft said, "Microsoft recently became aware of a vulnerability in Azure Cosmos DB that could potentially allow a user to gain access to another customer's resources by using the account's primary read-write key. This vulnerability was reported to us confidentially by an external security researcher. After becoming aware of this issue on August 12, 2021, we immediately remediated the vulnerability".
The vulnerability has been exploited for months
When it comes to security, the issues with Azure are particularly serious, considering that companies rely on the cloud for the majority of their security needs. The vulnerability has been known to exist for many years, but it became a problem in February 2021 when it was made default in Cosmos. This is why Wiz believes that the actual number of customers affected by the vulnerability can be much larger than the number of customers notified by Microsoft of the potential vulnerability.
In the eventuality that your company is using Cosmos, then one of the first things you should do is to restrict network access to the database. At the same time, you can also consider implementing firewall rules that allow access only to authorized IP addresses and securing the database via virtual networks.