• Login
    Your ProfileLogout
  • join
  • about reply
WM Reply Logo
Menu
  • About Us
    About Us
    • Newsroom
    • Case Studies
    • Events
    • News & Communications
    • Press Articles
    • About Us
  • Services
  • SOLUTIONS
    SOLUTIONS
    • Productivity & Collaboration
    • SharePoint Intranets
    • Enterprise Social Networks
    • Digital Workplaces
    • The Accelerator by WM reply
    • Core Technologies
    • SharePoint
    • Power Platform
    • Microsoft Teams
    • Office 365
    • Dynamics 365
    • Sitecore
    • Microsoft Exchange
    • Yammer
    • Skype for Business
    • Nintex Workflows
    • Business Solutions
    • Mobile Applications
    • Document Management
    • Consumer Experience
    • SharePoint Websites
    • SharePoint Extranets
  • Careers
  • Contact us
  • about Reply
  • join
WM Reply Logo

Search

Focus On

News & Communication

Security experts identify faults in Microsoft Azure

FOCUS ON: Azure, Microsoft,

The cloud-based computing service from Microsoft has been discovered to contain severe security weaknesses.

Leading cyber security specialist Check Point has uncovered two major security issues with Microsoft Azure. The weaknesses identified by security researchers at the firm could potentially be taken advantage of by cyber criminals to obtain access and gather sensitive data stored on any machines that are running Azure. Hackers can also exploit the flaws to take control of Microsoft Azure servers.

Security weakness in Microsoft Azure Stack

A software solution for cloud-based computing, Azure Stack was designed and produced by the tech giant to enable enterprises, from SMEs to international organisations, to employ their own company data centres to deliver users Azure services. The Redmond-based firm created the hybrid solution in order to give companies the capacity to start utilising cloud computing services on their own personalised terms, while empowering them to address both technical and business considerations effectively.

The first Azure security defect was identified in the Azure Stack solution. If exploited, the weakness would allow a hacker to acquire access to a variety of sensitive data, including user screenshots from machines using Azure.

Check Point’s specialist researchers were able to obtain sensitive information and take screenshots from both infrastructure machines and Azure tenants by capitalising on the security weakness. For the cybercriminal to take full advantage of the defect, however, they would need to acquire authorised access from the Azure Stack Portal first. With this level of access, the hackers would then be enabled to send out counterfeit HTTP requests.

Security flaw in the Microsoft Azure App

Developed by Microsoft to empower users with the ability to host and build back-ends for mobile, RESTful APIs and web apps in their chosen programming language without needing managing infrastructure. The Platform as a Service (PaaS) from Microsoft is fully managed and integrates Azure websites along with other offered services into on single service while including new capabilities to allow integration with cloud systems or on-premises.

The flaw identified by researchers over at Check Point in the Azure App revealed that a hacker could use the weakness to take total control of a whole Azure server. The cybercriminal would in effect then possess complete control of an organisation’s business code.

Check Point experts were able to show evidence that a cybercriminal could compromise Azure tenant data, accounts and application. The hacker would set up a free user account within the Azure Cloud, utilising it to run malicious operations in Azure. The specialist security firm revealed its findings to Microsoft who then collaborated with it on fixing the discovered Azure vulnerabilities. Complete patches for the security defect in Azure Stack and Azure app were both made available to prevent exploitation by hackers.

If your company uses Microsoft technology to its advantage, you can rely on our team for advice and support. Experts on business solutions from Microsoft, we’ll ensure your intranet is always running smoothly and securely with the very latest services available. Contact us here at WM Reply for streamlined support in your corner.

RELATED CONTENTS

27.08.2020

News & Communication

Getting more out of Microsoft Teams

It’s fair to say that life after Covid 19 is going to be very different for every single one of us. Will we return to offices? Will we have a combination of office and working from home? Will we move to permanent home-based working? Whatever your solution, it has never been more important to think about how you make the most of your collaboration tools! That’s where Microsoft Teams comes in.

26.08.2020

News & Communication

New Microsoft partner launches powerful laptop for learning

A dual device, the Kano PC laptop features an innovative design that enables users to remove or click new parts into place as they increase their IT skills. Recently released around the world, the product rollout coincides with an announcement from Kano, introducing its new partnership with Microsoft.

19.08.2020

News & Communication

Financial tech firm joins Microsoft in new cloud initiative

London-based fintech company Finastra has now signed an agreement with Microsoft to assist financial firms all over the world in taking advantage of the tech-giant’s cloud platform Azure, and the state-of-the-art digital tools it offers enterprises.

 
 
 
 
Reply ©​​ 2021 - Company Information
  • Abou​t Reply​​
  • Investors​​​
  • Newsroom
  • Follow Reply on
​
  • ​About WM Reply
  • Privacy Policy
  • Information (Client)
  • Information (Supplier)
  • Information (Candidate)