Microsoft warns thousands of cloud customers of exposed databases - Cloud Security Podcast

Click here to Listen/ Watch the latest episode of Cloud Security Podcast!

Microsoft warns thousands of cloud customers of exposed databases

September 1, 2021

Last Thursday, on the 26th of August 2021 – Microsoft warned thousands of its cloud computing customers, including some of the world’s largest companies. that hackers could have the ability to read, change or even delete their main databases. This is due to a vulnerability in the Jupyter Notebook Feature in Microsoft Azure’s flagship Cosmos database. Microsoft cannot change those keys by itself, it emailed the customers Thursday telling them to create new ones

For more on this story and official Microsoft’s statement – visit our website www.cloudsecuritypodcast.tv

AWS has announced the release of AWS Backup Audit Manager a new feature that allows you to audit and report on the compliance of your data protection policies. AWS claims that it provides built-in compliance controls and allows you to customize those controls to define your data protection policies.

Google Cloud has recently released on demand vulnerability scanning. Google claims that this will allow checking for vulnerabilities earlier in development. This new feature checks for vulnerabilities both in locally stored container images and images stored within GCP registries.

A $2000 bug bounty has been claimed by researcher Robert Heaton, who was able to find a vulnerability in Bumble, a dating app which has more than 100 million users worldwide.

By learning how Bumble’s application programming interface (API) works the researchers found a way to pinpoint users’ exact location, bypassing the safeguards in the app designed to prevent this.

Lacework, a data driven security platform has released their quarterly cloud threat report. The report stated that Last year alone, cybercrime and ransomware attacks cost companies $4 billion in damages. They identified a rising demand for access to cloud accounts along with continued increases in scanning and probing of storage buckets, databases, orchestration systems, and interactive logins.

Recommended News Articles

Vulnerabilities discovered in AWS, GCP and Azure

Amazon S3 now encrypts by default + CircleCI Breach

Dell Embraces Multi-cloud + Hackers use stolen OAuth access tokens to breach

Recommended Episodes

AWS Cloud Penetration Testing Explained with Example