
Azure flaw exposed, and what it tells us about cloud services

Microsoft has warned Azure customers about a flaw in Azure Cosmos DB that left data completely exposed for the last two years. The company indicated it has not seen any evidence of illicit data access, despite the length of time and severity. The flaw, dubbed ChaosDB, gives full admin rights without authorization. Customers are advised to regenerate Cosmos DB keys, protect network access, and use Role Based Access Control, and the company has issued more detailed guidance on its website. Microsoft is including additional safeguards and monitoring to detect future attempts to gain access to customers' accounts without authorization.

The hacker behind the T-Mobile breach has come forward – and criticized the company’s security. The 21-year-old hacker claims to have scanned unprotected routers to gain access.

Cybersecurity researchers at Palo Alto Networks have detailed four upcoming families of ransomware discovered during investigations – and under the right circumstances, any of them could become the next big ransomware threat. The highlight – these are the new up-and-comers, replacing other organizations that have disappeared.

A recovered script used by Pysa’s ransomware operation gives us insight into the types of data they are attempting to steal. The script scans for data, including 123 keywords – things like 401K, agreement, payment, and fraud – looking within the data itself.

A new alert from the FBI – digital extortion via phone call. The Hive ransomware operators dial infected victims to demand payment for release of data.

Why do we care?

So, Microsoft has a huge vulnerability in their software. Which they fixed. And which they also then added more safeguards to watch for. Cloud technologies don’t make vulnerabilities go away. They just change the responsibility of management.

The role of the IT services company has shifted – this is a vendor management exercise. The IT services company does less fixing here and more communication and coordination. In particular, ensure the configuration is correct – those keys and access controls – rather than having to do the repair. Note the other value delivered by Microsoft – they have done additional work to adjust their own vigilance.
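To make "ensure the configuration is correct" concrete, here is an added example (not Microsoft's tooling and not from the original post) that checks one exported account description against the three advised mitigations: regenerated keys, protected network access, and RBAC. It assumes the JSON field names of `az cosmosdb show` output as I understand them; the sample account and the cutoff date are constructed.

```python
from datetime import datetime, timezone

# Constructed sample, shaped like `az cosmosdb show` JSON (field names assumed).
SAMPLE_ACCOUNT = {
    "name": "example-account",
    "publicNetworkAccess": "Enabled",
    "ipRules": [],
    "isVirtualNetworkFilterEnabled": False,
    "disableLocalAuth": False,
    "keysMetadata": {
        "primaryMasterKey": {"generationTime": "2020-03-01T10:00:00Z"},
        "secondaryMasterKey": {"generationTime": "2021-09-02T08:30:00.1234567Z"},
    },
}
# Constructed cutoff: substitute the date you were notified of the flaw.
CUTOFF = datetime(2021, 9, 1, tzinfo=timezone.utc)


def parse_time(value):
    # Keep whole seconds only and assume UTC, so "Z" suffixes and
    # 7-digit fractional seconds do not break parsing.
    return datetime.strptime(value[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)


def audit_account(account, keys_must_postdate):
    """Return a list of findings for the three advised mitigations."""
    findings = []
    # 1. Regenerate keys: every key must be newer than the cutoff.
    keys = account.get("keysMetadata") or {}
    if not keys:
        findings.append("key-age-unknown")
    for name, meta in sorted(keys.items()):
        generated = meta.get("generationTime")
        if generated is None or parse_time(generated) < keys_must_postdate:
            findings.append(f"key-not-regenerated:{name}")
    # 2. Protect network access: public endpoint with no IP or VNet filter.
    public = account.get("publicNetworkAccess", "Enabled") == "Enabled"
    filtered = bool(account.get("ipRules")) or bool(account.get("isVirtualNetworkFilterEnabled"))
    if public and not filtered:
        findings.append("network-open-to-all")
    # 3. Use RBAC: key-based (local) auth is still accepted by the account.
    if not account.get("disableLocalAuth", False):
        findings.append("key-auth-still-enabled")
    return findings


if __name__ == "__main__":
    for finding in audit_account(SAMPLE_ACCOUNT, CUTOFF):
        print(finding)
```

An empty list means all three checks passed for that account; an IT services company could run this across every client's exported accounts and report the findings rather than fixing anything itself.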

If the name of the game is risk management, then it’s about informed decisions as the higher value. Oftentimes the value of the cloud is presented as cost savings or elasticity. I’m far more focused on the transfer of risk and responsibility here… to a larger organization with the means to handle it.