Follow us on Twitter
Follow us on FacebookMicrosoft slammed for poor security
@ 2023/08/07Tries to keep too much secret
Software King of the world Microsoft has been slammed by a security company for its poor security on Azure and for encouraging a "culture of toxic obfuscation."
Tenable CEO Amit Yoran said Vole was "grossly irresponsible" and mired in a "culture of toxic obfuscation."
Yoran slammed Vole for failing to fix a "critical" issue that gives hackers unauthorised access to data and apps managed by Azure AD, a Microsoft cloud offering for handling user authentication inside large organisations.
Tenable notified Microsoft of the problem in March and Microsoft reported 16 weeks later that it had been fixed. Tenable researchers told Microsoft that the fix was incomplete. Microsoft set a date for providing a complete fix to September 28.
"To give you an idea of how bad this is, our team very quickly discovered authentication secrets to a bank," Yoran wrote.
"They were so concerned about the issue's seriousness and ethics that we immediately notified Microsoft."
Software King of the world Microsoft has been slammed by a security company for its poor security on Azure and for encouraging a "culture of toxic obfuscation."
Tenable CEO Amit Yoran said Vole was "grossly irresponsible" and mired in a "culture of toxic obfuscation."
Yoran slammed Vole for failing to fix a "critical" issue that gives hackers unauthorised access to data and apps managed by Azure AD, a Microsoft cloud offering for handling user authentication inside large organisations.
Tenable notified Microsoft of the problem in March and Microsoft reported 16 weeks later that it had been fixed. Tenable researchers told Microsoft that the fix was incomplete. Microsoft set a date for providing a complete fix to September 28.
"To give you an idea of how bad this is, our team very quickly discovered authentication secrets to a bank," Yoran wrote.
"They were so concerned about the issue's seriousness and ethics that we immediately notified Microsoft."
