Your address will show here +12 34 56 78
Blog

Microsoft has issued a warning to their Azure cloud computing customers regarding a vulnerability that has left their data completely exposed for the last two years.


Over 3,300 Azure customers have been open to unrestricted access by attackers because of a  flaw in Microsoft’s Azure Cosmos DB database product. The vulnerability goes back to 2019 when Microsoft inserted a data visualization feature called Jupyter Notebook to Cosmos DB. The feature was turned on by default for all Cosmos DBs in February 2021.


Fortune 500 companies like Coca Cola, Liberty Mutual Insurance, ExxonMobil, and Walgreens, have all been affected.


“This is the worst cloud vulnerability you can imagine,” said Ami Luttwak, Chief Technology Officer of Wiz, the security company that discovered the issue. “This is the central database of Azure, and we were able to get access to any customer database that we wanted.”


Fortunately, even though hackers had access, Microsoft hasn’t seen any evidence of the vulnerability leading to wrongful data access. “There is no evidence of this technique being exploited by malicious actors,” Microsoft told Bloomberg in an emailed statement. “We are not aware of any customer data being accessed because of this vulnerability.”


Microsoft paid Wiz $40,000 for the discovery, according to Reuters.


Wiz states in a  blog post, that the vulnerability allowed the company’s researchers to gain access to the primary keys that secured the Cosmos DB databases for Microsoft customers. With these keys, Wiz had full read / write / delete access to the data of several thousand Microsoft Azure customers.


Wiz  discovered the flaw two weeks ago and Microsoft quickly disabled the vulnerability within 48 hours of Wiz reporting it. But, Microsoft can’t change its customers’ primary access keys, which is why the company contacted Cosmos DB customers to manually change their keys in order to mitigate exposure.


Cloud computing has it’s security issues.  Reach out to MicroPac today for a cybersecurity solution. 

0

Blog
According to PhishLabs,  phishing attacks have increased 22% this year compared to the first half of 2020.

“Phishing continues to be one of the top threats to enterprises with attack volume outpacing the first half of 2020 by 22%,” the researchers write. “It is the primary method used by threat actors to steal credentials, hijack accounts, and compromise organizations. While phishing continues to thrive, social media is increasingly being used for impersonation, fraud, and other cyber threats. Threats targeting enterprises via social media grew 47% in the first half of 2021, demonstrating its emergence as a top threat vector.”

The research suggests that fraud-related attacks on social media had the most traction, while payment services and the healthcare industry were increasingly targeted.

“Payment Services and Healthcare experienced the steepest increases in social media attacks per business in Q2,” the researchers write. “Payment Services, which ranked the highest of all industries, increased threat activity by over 500% when compared to Q1. Healthcare experienced the second highest increase in activity from Q1 to Q2, moving up in rank from 17th to 10th, due to a 188% increase in attacks per business in Q2.”

PhishLabs also discovered that cryptocurrency-related phishing attacks increased ten times in Q2 2021 compared to the previous quarter. As well as, attacks targeting single sign-on (SSO) solutions rose by 40% in Q2 compared to Q1.

The researchers noted that credential phishing and targeted attacks are the most likely to bypass security filters.

“Credential theft phishing and response-based attacks, such as BEC, pose the greatest risk to corporate email users, accounting for 96% of threats found in enterprise inboxes,” PhishLabs says. “These threats continue to evade email security controls at a high rate.”

Having a strong cybersecurity solution and security awareness training are crucial to combatting these types of attacks.  Contact Micropac today to discuss how we can help at https://micropactech.com. 

Source: PhishLabs

0

Blog
Micropac is pleased to announce their partnership with LMNTRIX-a cybersecurity and threat detection suite of offerings.

The LMNTRIX Active Defense is a validated and integrated threat detection and response architecture that hunts down and eliminates the advanced and unknown threats that routinely bypass perimeter controls.

According to LMNTRIX, “It’s not enough to know what’s happening on the inside of your network, you need to have someone who has your back on the outside too. After all, when hackers steal data, it almost always finds its way to an online black market – the deep and dark web. The back alley of the cyberworld where illegally obtained data is bought and sold.”

LMNTRX shines a light on the deep and dark web by using  intelligence, knowledge and proprietary techniques to their advantage. Whether an attacker has stolen your data and is looking to sell it online or if someone is planning to breach your organization and is seeking advice on how to do so, LMNTRIX can use the attacker’s platforms against them so you can be certain of your defenses.


To learn more about the full suite of cyber-arsenal products contact Micropac today at micropactech.com.





0