Conversation

Notices

GeniusMusing (geniusmusing@nu.federati.net)'s status on Friday, 27-Aug-2021 12:34:54 EDT GeniusMusing

Why is this "cloud storage" still a thing?

EXCLUSIVE-Microsoft warns thousands of cloud customers of exposed databasesemails Reuters
https://www.reuters.com/article/microsoft-security-idUSL1N2PX2W7

>SAN FRANCISCO, Aug 26 (Reuters) - Microsoft on Thursday warned thousands of its cloud computing customers, including some of the world’s largest companies, that intruders could have the ability to read, change or even delete their main databases, according to a copy of the email and a cyber security researcher.
>
>The vulnerability is in Microsoft Azure’s flagship Cosmos database. A research team at security company Wiz discovered it was able to access keys that control access to databases held by thousands of companies. Wiz Chief Technology Officer Ami Luttwak is a former chief technology officer at Microsoft’s Cloud Security Group.
>
>Because Microsoft cannot change those keys by itself, it emailed the customers Thursday telling them to create new ones. Microsoft agreed to pay Wiz $40,000 for finding the flaw and reporting it, according to an email it sent to Wiz.
>...
In conversation Friday, 27-Aug-2021 12:34:54 EDT from nu.federati.net permalink
Attachments
1. Invalid filename.
  
  EXCLUSIVE-Microsoft warns thousands of cloud customers of exposed databases -emails
  
  from U.S.
  
  Microsoft on Thursday warned thousands of its cloud computing customers, including some of the world's largest companies, that intruders could have the ability to read, change or even delete their main databases, according to a copy of the email and a cyber security researcher...
1. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Friday, 27-Aug-2021 13:06:00 EDT lnxw48a1
  in reply to
  
  > Why is this "cloud storage" still a thing?
  
  Pointy-haired bosses. Someone else will host everything and make sure it is secure, so I don't have to pay for servers? Sure! Where do I sign?
  
  In conversation Friday, 27-Aug-2021 13:06:00 EDT from nu.federati.net permalink
2. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Friday, 27-Aug-2021 13:26:36 EDT lnxw48a1
  in reply to
  
  I’ll bet they find a way to reset the keys if their customers delay too long.
  
  I do realize that customers’ applications could be “critical” to the operation of their organizations, and stopping them from working is a big step. But making it look like there’s nothing they can do at all is deceptive
  
  In conversation Friday, 27-Aug-2021 13:26:36 EDT from nu.federati.net permalink
  1. GeniusMusing (geniusmusing@nu.federati.net)'s status on Friday, 27-Aug-2021 13:34:50 EDT GeniusMusing
    in reply to
    
    Dilbert Comic Strip on 1995-11-17 Dilbert by Scott Adams
    https://dilbert.com/strip/1995-11-17
    In conversation Friday, 27-Aug-2021 13:34:50 EDT from nu.federati.net permalink
    Attachments
    1. File without filename could not get a thumbnail source.
      
      Dilbert Comic Strip on November 17, 1995
      
      from Dilbert
      
      The Boss stands behind Dilbert's desk and says, "I think we should build an SQL database." Dilbert thinks, "Uh-oh." Dilbert thinks, "Does he understand what he said or is it something he saw in a trade magazine ad?" Dilbert asks, "What color do you want that database?" The Boss answers, "I think mauve has the most RAM."

Public

Notices