Microsoft reportedly shut down a server last month that exposed Microsoft employees' passwords, keys and credentials on the open internet, as the company faces increasing pressure to bolster the security of its software.
according to TechCrunchthree security researchers at SOCRadar — a company that specializes in discovering vulnerabilities in corporate cybersecurity — discovered that a server hosted on Azure that stores sensitive data linked to Microsoft's Bing search engine had been left open without password protection, meaning it could be accessed by anyone Connected. The server contains a variety of security credentials that Microsoft employees use to access internal systems, contained within various scripts, code, and configuration files.
Exposed credentials may leak more important data and potentially compromise the services being used.
One researcher said, it was Euleri TechCrunch It is possible that hackers could use this exposed data to find and access other areas where Microsoft stores internal data, which “could lead to more important data being leaked and potentially compromised services being used.”
Microsoft was notified of the vulnerability on February 6th, and it was closed by March 5th. It is unclear whether anyone else accessed the exposed server during this time. We've reached out to Microsoft for comment and will update this story if we hear back.
“Web specialist. Lifelong zombie maven. Coffee ninja. Hipster-friendly analyst.”
More Stories
Tokido’s Akuma First Game Impressions After trying out Street Fighter 6’s next DLC early, unsure if the demon is all-powerful
The Google Fit API is set to be shut down, and the fate of the Android app has not been announced
Helldivers 2 PC is bombing due to PSN requirements