Microsoft Azure customers have been informed of a newly found critical bug in Cosmos DB that enables intruders to remotely take control over databases by giving them complete admin access with no authorization requested. Anyone can read, change, or delete databases as they please, according to Microsoft. What Happened? This month, cybersecurity researchers at the…
Microsoft has warned thousands of Azure customers that a now-fixed critical vulnerability found in Cosmos DB allowed any user to remotely take over other users’ databases by giving them full admin access without requiring authorization. Azure Cosmos DB is a globally distributed and fully managed NoSQL database service used by high-profile customers, including Mercedes Benz, Symantec,…
Governance & Risk Management , Patch Management Alert Urges Organizations to Patch as Vulnerabilities Are Exploited Doug Olenick (DougOlenick) • August 27, 2021 Four months after Microsoft released the first security update for three vulnerabilities in several versions of its on-premises Exchange Server software – collectively called ProxyShell – the company has issued…
Cybercrime is one of the most significant threats facing companies today. With the average cost of a data breach reaching an all-time high of $4.24 million, the business case for cybersecurity has never been stronger. Still, some businesses seem to misunderstand the urgency of meeting current cybersecurity standards. It may help to consider the legal…
The Boston Public Library (BPL) has disclosed today that its network was hit by a cyberattack on Wednesday, leading to a system-wide technical outage. BPL serves almost 4 million visitors per year through its central library and twenty-five neighborhood branches, as well as millions more online. It is the third-largest public library in the United States behind the…
MANSFIELD, Ohio – The Department of the Air Force announced yesterday it has identified Ohio’s Mansfield-Lahm Air National Guard Base as the preferred location for a new Cyber Warfare Wing mission. The transformation will support Air Combat Command’s future requirements and result in operational mission changes, including an increase of approximately 175 Airmen and associated…
Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service Uptick in Hive Ransomware Activity Spotted Prajeet Nair (@prajeetspeaks) • August 28, 2021 FBI Warns of Hive Ransomware Tactics. (Source: US FBI) The Federal Bureau of Investigation has issued a warning about Hive ransomware after the group took down IT systems at Memorial Health System…
Researchers who discovered a massive flaw in the main databases stored in Microsoft’s Azure cloud platform have now urged all users to change their digital access keys, not just the 3300 it notified this week. Researchers at a cloud security company called Wiz discovered this month they could have gained access to the primary digital…
The following article was originally published in the Ohio Capital Journal and published on News5Cleveland.com under a content-sharing agreement. The U.S. Air Force announced Wednesday the Mansfield Air National Guard Base, home of the 179th Airlift Wing, has been selected as the preferred site for the Air National Guard’s first Cyber Warfare Wing. “This selection…
Security researchers have found a long-standing vulnerability in the Azure Cosmos DB fully managed non-structured query language database, which allows attackers to remotely take over the information store with a trivial exploit. Named ChaosDB, the vulnerability gives any Azure user full administrative access to other customers’ Cosmos DB instances, security vendor Wiz Research Team said….
