This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
Microsoft alerted some Azure cloud computing users that a vulnerability uncovered by security experts might have given hackers access to their data.
In a blog post from its security response team, Microsoft stated it had patched the issue identified by Palo Alto Networks and had no sign malicious attackers had exploited the technique. It further stated that certain users have been asked to change their login passwords as a preventive measure.
The blog post was in response to an inquiry from Reuters regarding Palo Alto’s technique. Microsoft refused to respond to any of the inquiries, including whether or not it was assured that no data had been accessed.
Palo Alto researcher Ariel Zelivansky told Reuters in a previous interview that his team had cracked Azure’s widely used platform for so-called containers, which store applications for users.
According to him, the Azure containers utilized code that had not been updated to address a known vulnerability. As a result, the Palo Alto team was finally able to gain entire authority over a group that comprised containers from other users.
Ian Coldwater, a longtime container security expert who evaluated Palo Alto’s work at the request of Reuters stated, “This is the first attack on a cloud provider to use container escape to control other accounts.”
In July, Palo Alto reported the problem to Microsoft. Zelivansky added it took his team several mont
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: Microsoft Alerted Azure Customers of Bug That Could Have Allowed Hackers to Access Data