Did Microsoft Get Hacked?


While it is unclear whether there is any truth to this specific alleged hack into Microsoft, and there are no true indicators as to the severity of the breach, this may get you wondering, "How does something like this happen?"

We hear about breaches like this all the time. Even setting aside vulnerabilities within Microsoft itself, there are concerns about companies it has close ties with, like Kudu. Microsoft describes Kudu as the "engine behind a number of features in Azure App Service related to source control based deployment, and other deployment methods like Dropbox and OneDrive sync."

On October 26, 2022, Microsoft released a responsible disclosure after discovering a critical remote code execution (RCE) flaw that could allow malicious entities remote access to data that is supposed to be secure.

"The vulnerability is achieved through CSRF (cross-site request forgery) on the ubiquitous SCM service Kudu," Ermetic researcher Liv Matan said in a report shared with The Hacker News. "By abusing the vulnerability, attackers can deploy malicious ZIP files containing a payload to the victim's Azure application."

Whether we're talking about the Kudu incident in 2022 or the more recent Kinsing malware situation, the question remains: "What does it have to do with me?"

If a company as big as Microsoft can be hacked, anyone can. For this reason, at CoolLife.io / Vault Rooms we take more precautions than most. You may have been one of the many who noticed a halt in uploads and downloads the other day, and wondered why this would be necessary. The simple fact of the matter is that when it comes to our clients' data, every possible precaution must be taken. While vulnerabilities like those you saw reported on the news this week are investigated and fortified against in real time by our team, we simply can't risk falling victim to these types of attacks. One of the many examples of how we are different from our competitors is how we handle possible threats to our data and that of our clients.

So the last question we would pose to you is:


"What's more important to your company, convenience, or true security?"


References:

  • Ravie Lakshmanan (2023). New Microsoft Azure Vulnerability Uncovered — EmojiDeploy for RCE Attacks. The Hacker News - https://amp.thehackernews.com/thn/2023/01/new-microsoft-azure-vulnerability.html
  • Bill Toulas (2023). Microsoft: Kubernetes clusters hacked in malware campaign via PostgreSQL. BleepingComputer - https://www.bleepingcomputer.com/news/security/microsoft-kubernetes-clusters-hacked-in-malware-campaign-via-postgresql/