Microsoft Gives Guidance To Secure Azure Cosmos DB Accounts

Microsoft has released recommendations for Azure customers after the discovery of a critical vulnerability in Cosmos DB.

The vulnerability, known as ChaosDB, affects Microsoft Azure Cosmos DB, a globally distributed NoSQL database service used by a number of prominent clients including Exxon-Mobil, Mercedes-Benz, and Coca-Cola.

Cloud security firm Wiz uncovered the bug in the Jupyter Notebook feature. Threat actors able to exploit the vulnerability can steal customers’ primary read-write keys, allowing them to remotely take over databases.

After the bug was discovered, Microsoft says it sent warnings to over 30% of Cosmos DB customers about a potential vulnerability on August 26.

According to Wiz, the actual number of affected customers could be much higher than 30%: most Cosmos DB customers would be affected, since ChaosDB was present and may have been exploited for months before its discovery.

To further secure Azure Cosmos DB accounts, Microsoft has the following recommendations:

- All Azure Cosmos DB customers use a combination of firewall rules, vNet and/or Azure Private Link on their account. These network protection mechanisms prevent access from outside your network and unexpected locations.
- In addition to implementing network security controls, we encourage the use of Role Based Access Control. Role Based Access Control allows per user and security principal access control to Azure Cosmos DB – those identities can be audited in Azure Cosmos DB’s diagnostic logs.
- If you cannot use Role Based Access Control, we recommend implementing regularly scheduled key rotations.
- You can find additional security best practices in the Azure Cosmos DB security baseline documentation.
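
An added example, not from Microsoft or the original article: a Python check of one account's settings against the network, Role Based Access Control and key-rotation recommendations above. It assumes the JSON comes from `az cosmosdb show` and that the field names used (`publicNetworkAccess`, `ipRules`, `isVirtualNetworkFilterEnabled`, `virtualNetworkRules`, `privateEndpointConnections`, `disableLocalAuth`, `keysMetadata`) match that output; the sample account and the 90-day rotation threshold are constructed for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample, shaped like `az cosmosdb show` output. Field names are
# assumed to match the Cosmos DB account resource; timestamps are simplified.
SAMPLE = json.loads("""
{
  "name": "example-account",
  "publicNetworkAccess": "Enabled",
  "ipRules": [],
  "isVirtualNetworkFilterEnabled": false,
  "virtualNetworkRules": [],
  "privateEndpointConnections": [],
  "disableLocalAuth": false,
  "keysMetadata": {
    "primaryMasterKey": {"generationTime": "2021-01-10T08:00:00+00:00"},
    "secondaryMasterKey": {"generationTime": "2021-08-27T08:00:00+00:00"}
  }
}
""")


def audit(account, now, max_key_age_days=90):
    """Return findings for the network, RBAC and key-rotation recommendations.

    max_key_age_days is an assumed policy value; the guidance names no interval.
    """
    findings = []
    public = account.get("publicNetworkAccess", "Enabled") != "Disabled"
    restricted = (account.get("ipRules")
                  or (account.get("isVirtualNetworkFilterEnabled")
                      and account.get("virtualNetworkRules")))
    if public and not restricted:
        findings.append("network: public endpoint has no firewall or VNet rules")
    if not public and not account.get("privateEndpointConnections"):
        findings.append("network: public access disabled but no private endpoint")
    # disableLocalAuth=true turns off key-based auth, leaving only RBAC identities.
    if not account.get("disableLocalAuth"):
        findings.append("auth: account keys still accepted; RBAC not enforced")
        # Key age only matters while keys are still a valid credential.
        for name, meta in (account.get("keysMetadata") or {}).items():
            age = now - datetime.fromisoformat(meta["generationTime"])
            if age > timedelta(days=max_key_age_days):
                findings.append(f"keys: {name} is {age.days} days old; rotate")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE, datetime(2021, 9, 1, tzinfo=timezone.utc)):
        print(finding)
```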

For more information, view the original story from Bleeping Computer.
