Microsoft deploys solution for flaws found in Azure by cybersecurity firm



Microsoft

Microsoft has resolved two major flaws in its Azure cloud offering, found by a group of researchers, which could have given criminals access to sensitive data.

Check Point Research said it informed Microsoft Security Response Centre about the vulnerabilities found in its research and a solution was responsibly deployed to ensure its users can safely continue using Azure Stack.

Check Point also mentioned that hackers could abuse Azure Stack to take screenshots of information, such as banking or credit card information.

A spokesperson from Microsoft told Data Economy that: “We released updates to address these issues in 2019, and customers who have applied the updates are protected.”

According to Microsoft, Azure App Service enables you to build and host web apps, mobile back ends, and RESTful APIs in the programming language of your choice, without managing infrastructure.

It offers auto-scaling and high availability, supports both Windows and Linux, and enables automated deployments from GitHub, Azure DevOps, or any Git repo.


Newsletter

Time is precious, but news has no time. Sign up today to receive daily free updates in your email box from the Data Economy Newsroom.


“When operating in the cloud, enterprises often behave with the wild abandon as if their services are hosted in their basement behind the safety of their trusted gateway,” said Check Point in its report.

“It’s easy to forget that while you might be sitting within your enterprise in the office, your device – using your corporate internet connection – is actually communicating with a service that is hosted outside of the organisation.

“The potential costs to businesses are dramatic – phishing schemes and data leaks have cost global brands both in dollar value and reputational value.”

Elsewhere, today Check Point released its Brand Phishing Report for Q4 2019, which highlights the brands which were most frequently imitated by criminals in their attempts to steal individuals’ personal information or payment credentials during Q4.

Facebook is the most imitated brand for phishing attempts, according to the Brand Phishing report.

Read the latest from the Data Economy Newsroom: