Microsoft warns thousands of cloud customers of exposed databases - Cloud Security Podcast

Click here to Listen/ Watch the latest episode of Cloud Security Podcast!

Microsoft warns thousands of cloud customers of exposed databases

September 1, 2021

https://open.spotify.com/episode/2SceIuewG8iQ7npDyyvEn9?si=v8sd_4-ZRL2qOkvXqNGWLA

Last Thursday, on the 26th of August 2021 – Microsoft warned thousands of its cloud computing customers, including some of the world’s largest companies. that hackers could have the ability to read, change or even delete their main databases. This is due to a vulnerability in the Jupyter Notebook Feature in Microsoft Azure’s flagship Cosmos database. Microsoft cannot change those keys by itself, it emailed the customers Thursday telling them to create new ones

For more on this story and official Microsoft’s statement – visit our website www.cloudsecuritypodcast.tv

AWS has announced the release of AWS Backup Audit Manager a new feature that allows you to audit and report on the compliance of your data protection policies. AWS claims that it provides built-in compliance controls and allows you to customize those controls to define your data protection policies.

Google Cloud has recently released on demand vulnerability scanning. Google claims that this will allow checking for vulnerabilities earlier in development. This new feature checks for vulnerabilities both in locally stored container images and images stored within GCP registries.

A $2000 bug bounty has been claimed by researcher Robert Heaton, who was able to find a vulnerability in Bumble, a dating app which has more than 100 million users worldwide.

By learning how Bumble’s application programming interface (API) works the researchers found a way to pinpoint users’ exact location, bypassing the safeguards in the app designed to prevent this.

Lacework, a data driven security platform has released their quarterly cloud threat report. The report stated that Last year alone, cybercrime and ransomware attacks cost companies $4 billion in damages. They identified a rising demand for access to cloud accounts along with continued increases in scanning and probing of storage buckets, databases, orchestration systems, and interactive logins.

Recommended News Articles

Dell Embraces Multi-cloud + Hackers use stolen OAuth access tokens to breach

AWS Security Hub releases 5 new controls + Latest with Spring4shell

What is Spring4shell? + Should we be concerned?

Recommended Episodes

Building Blocks of Cloud Security Program