Microsoft Azure security flaws revealed

Microsoft Azure security flaws revealed

Microsoft has patched two major flaws in its Azure cloud offering that could have allowed criminals to take full control of servers and steal sensitive data.

The flaws were discovered by researchers at cybersecurity firm Check Point, who said that hackers could abuse Azure Stack to take screenshots of valuable information, such as banking or credit card information. It was also said they could abuse the Azure App Service to “take control” of entire servers.

Microsoft identified the flaws as CVE-2019-1372 and CVE-2019-1234 and worked in collaboration with Check Point on a fix.

Advertisement
PCmall Banner 300x250

“When operating in the cloud, enterprises often behave with the wild abandon as if their services are hosted in their basement behind the safety of their trusted gateway,” said Check Point, describing the problem.

“It’s easy to forget that while you might be sitting within your enterprise in the office, your device – using your corporate internet connection – is actually communicating with a service that is hosted outside of the organisation. The potential costs to businesses are dramatic – phishing schemes and data leaks have cost global brands both in dollar value and reputational value.”

The Azure App Service is a tool that allows developers to build both web and mobile apps for iOS, Android and Windows. Many SaaS applications are integrated within the offering, including Salesforce, Marketo and Dropbox.

Advertisement

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or LinkedIn.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

back to top

Popular Cyber News

Microsoft Azure security flaws revealed

Microsoft Azure security flaws revealed

03 February, 2020

Microsoft has patched two major flaws in its Azure cloud offering that could have allowed criminals to take full control...

Mobile Banking Users At Risk in SMS Phishing Campaign

Mobile Banking Users At Risk in SMS Phishing Campaign

18 February, 2020

Cybercriminals targeted mobile banking users by sending malicious SMS messages to their smartphones as part of a phishin...

Americans Want to Protect Their Information, but Don't Know How

Americans Want to Protect Their Information, but Don't Know How

08 February, 2020

Americans are keen on security, but do not necessarily understand it. This is the conclusion of a new survey of 1,300 Am...

Macs are more vulnerable to malware than PCs

Macs are more vulnerable to malware than PCs

12 February, 2020

Malware targeting Apple's Mac devices is growing at a faster rate than ever before, a new report by Malwarebytes is sugg...

Why Penetration Tests Are Absolutely Essential

Why Penetration Tests Are Absolutely Essential

03 February, 2020

Corporate network security breaches, which can prove costly to remediate and expose a company to lawsuits, are frequentl...

Top benefits of cloud computing

Top benefits of cloud computing

04 February, 2020

Gone are the days of the local server. Sure you may still have one as a backup. You may even have rooms filled with loca...

×

Sign up to keep in touch!

Be the first to hear the latest Cyber and Tech News straight to your mailbox.

Check out our Privacy Policy & Terms of use
You can unsubscribe from email list at any time