10 April 2024

Microsoft resolves security breach exposing internal files and credentials


Microsoft resolves security breach exposing internal files and credentials

Microsoft has addressed a security incident involving its Azure cloud service that exposed internal company files and credentials to the open internet.

The breach has been disclosed by security experts from security company SOCRadar, who spotted an open and public storage server hosted on Microsoft's Azure cloud service. This server was found to contain internal information related to Microsoft's Bing search engine, including code, scripts, and configuration files, TechCrunch reported.

These files contained passwords, keys, and credentials utilized by Microsoft employees to access various internal databases and systems.

The storage server itself lacked basic protection measures such as a password, making it accessible to anyone on the internet.

According to the researchers, the exposed data could help malicious actors identify and access additional storage locations where Microsoft stores its internal files, which could lead to more extensive data leaks.

The researchers notified Microsoft on February 6, and the company implemented measures to secure the exposed files. It remains unclear how long the cloud server was accessible to the internet and whether any unauthorized parties accessed the data during this period.

The Windows maker has recently come under fire after the DHS Cyber Safety Review Board (CSRB) released a report on Microsoft's hack by the Chinese threat actor Storm-0558 in May 2023, in which the hackers breached an unidentified number of email accounts linked to around 25 organizations, including some related individual consumer accounts and government agencies in Western Europe and the US.

CSRB’s report found Microsoft at fault for the intrusion, which officials said was “preventable” and that “Storm-0558 was able to succeed because of a cascade of security failures at Microsoft.” The board has concluded that Microsoft's security culture is insufficient and necessitates a comprehensive overhaul.

Back to the list

Latest Posts

Threat actors abusing Foxit PDF Reader flaw to deploy multiple malware variants

Threat actors abusing Foxit PDF Reader flaw to deploy multiple malware variants

The flaw involves Foxit PDF Reader's handling of pop-up messages.
20 May 2024
China-linked APT group uses malware to spy on commercial shipping

China-linked APT group uses malware to spy on commercial shipping

Mustang Panda infiltrated the computer systems of cargo shipping companies in Norway, Greece, and the Netherlands.
20 May 2024
The Grandoreiro malware is back up and running after January disruption

The Grandoreiro malware is back up and running after January disruption

Grandoreiro now targets over 1,500 banks worldwide, spanning more than 60 countries across Central and South America, Africa, Europe, and the Indo-Pacific region.
20 May 2024