
      Microsoft finally explains cause of Azure breach: An engineer’s account was hacked

      news.movim.eu / ArsTechnica · Wednesday, 6 September, 2023 - 21:11


    Microsoft said the corporate account of one of its engineers was hacked by a highly skilled threat actor that acquired a signing key used to hack dozens of Azure and Exchange accounts belonging to high-profile users.

    The disclosure solves two mysteries at the center of a disclosure Microsoft made in July. The company said that hackers tracked as Storm-0558 had been inside its corporate network for more than a month and had gained access to Azure and Exchange accounts, several of which were later identified as belonging to the US Departments of State and Commerce. Storm-0558 pulled off the feat by obtaining an expired Microsoft account consumer signing key and using it to forge tokens for Microsoft’s supposedly fortified Azure AD cloud service.

    The disclosure left two of the most important questions unanswered. Specifically, how was a credential as sensitive as the consumer signing key stolen from Microsoft’s network, and how could it sign tokens for Azure, which is built on an entirely different infrastructure?


      US senator blasts Microsoft for “negligent cybersecurity practices”

      news.movim.eu / ArsTechnica · Thursday, 27 July, 2023 - 20:29


    A US senator is calling on the Justice Department to hold Microsoft responsible for “negligent cybersecurity practices” that enabled Chinese espionage hackers to steal hundreds of thousands of emails from cloud customers, including officials in the US Departments of State and Commerce.

    “Holding Microsoft responsible for its negligence will require a whole-of-government effort,” Ron Wyden (D-Ore.) wrote in a letter. It was sent on Thursday to the heads of the Justice Department, Cybersecurity and Infrastructure Security Agency, and the Federal Trade Commission.

    Bending over backward

    Wyden’s remarks echo those of other critics who say Microsoft is withholding key details about a recent hack. In disclosures involving the incident so far, Microsoft has bent over backwards to avoid saying its infrastructure—including the Azure Active Directory, a supposedly fortified part of Microsoft’s cloud offerings that large organizations use to manage single sign-on and multifactor authentication—was breached. The critics have said that details Microsoft has disclosed so far lead to the inescapable conclusion that vulnerabilities in code for Azure AD and other cloud offerings were exploited to pull off the successful hack.


      “Worst cloud vulnerability you can imagine” discovered in Microsoft Azure

      Jim Salter · news.movim.eu / ArsTechnica · Friday, 27 August, 2021 - 21:00

    Cosmos DB is a managed database service offering—including both relational and noSQL data structures—belonging to Microsoft's Azure cloud infrastructure. (credit: Microsoft)

    Cloud security vendor Wiz announced yesterday that it found a vulnerability in Microsoft Azure's managed database service, Cosmos DB, that granted read/write access for every database on the service to any attacker who found and exploited the bug.

    Although Wiz only found the vulnerability—which it named "Chaos DB"—two weeks ago, the company says that the vulnerability has been lurking in the system for "at least several months, possibly years."

    A slingshot around Jupyter

    In 2019, Microsoft added the open-source Jupyter Notebook functionality to Cosmos DB. Jupyter Notebooks are a particularly user-friendly way to implement machine learning algorithms; Microsoft promoted Notebooks specifically as a useful tool for advanced visualization of data stored in Cosmos DB.


      Microsoft boots apps used by China-sponsored hackers out of Azure

      Dan Goodin · news.movim.eu / ArsTechnica · Friday, 25 September, 2020 - 10:45


    Fortune 500 companies aren’t the only ones flocking to cloud services like Microsoft Azure. Increasingly, hackers working on behalf of the Chinese government are also hosting their tools in the cloud, and that’s keeping people in Redmond busy.

    Earlier this year, members of the Microsoft Threat Intelligence Center suspended 18 Azure Active Directory applications after determining they were part of a sprawling command-and-control network. Besides the cloud-hosted applications, the members of the hacking group Microsoft calls Gadolinium also stored ill-gotten data in a Microsoft OneDrive account and used the account to execute various parts of the campaign.

    Microsoft, Amazon, and other cloud providers have long touted the speed, flexibility, and scale that comes from renting computing resources as needed rather than using dedicated servers in-house. Hackers seem to be realizing the same benefits. The shift to the cloud can be especially easy thanks to free trial services and one-time payment accounts, which allow hackers to quickly get up and running without having to have an established relationship or even a valid payment card on file.


      Microsoft’s hosting of the French health data platform is once again being challenged

      Julien Lausson · news.movim.eu / Numerama · Wednesday, 16 September, 2020 - 16:34


    The Health Data Hub is in difficulty once again: a coalition of 18 organizations and public figures has announced an appeal before the Conseil d’État to prevent any transfer of health data to the USA. And, in effect, to push for hosting by a French or European company.
