They expressed their demand to inform the affected customers before SOCRadar, which our leadership team accepted.

How Did We Notify Microsoft?

As a result of the meeting with the Microsoft Security Response Center (MSRC), SOCRadar paused sending alarms after the Microsoft team asked for some time to analyze the data. Our warning led the cloud service provider to take immediate action and make the bucket private. As a result of our investigations and due to the scope of the issue and its probable adverse repercussions, the SOCRadar management team decided to contact Microsoft. The owner(s) of the buckets did not look like our customers, so we quickly examined the data’s details to find the owner(s). Obviously, this data leak is “not just another one.” After the initial discovery, SOCRadar automatically started sending alarms to its users. The largest one of those misconfigured buckets that the SOCRadar platform has detected contains 2.4TB of data that belongs to 65,000 entities in 111 countries.

What is BlueBleed Part I that Impacts 65,000+ Entities?

Due to the size and potential impacts of these public buckets, collectively dubbed BlueBleed, SOCRadar researchers analyzed them to determine potential threats to SOCRadar users. While examining a critical level alarm generated by SOCRadar’s cloud security module for more than one of our customers, we detected multiple misconfigured buckets with data belonging to tens of thousands of companies. The SOCRadar platform automatically sent alarms to its affected users whose data was exposed due to misconfigured cloud buckets. SOCRadar’s CSM has so far detected six large cloud buckets that consist of sensitive data belonging to 150,000 companies in 123 countries. We hope that the explanations will make the incident and our intentions clearer.
Due to ongoing discussion on the scope and significance of the BlueBleed Leak and Microsoft’s claims about SOCRadar on its blog about the incident, we would like to give more details and answer questions from different channels. SOCRadar has been tireless in expanding its proactive defense capabilities, including a recently developed built-in Cloud Security Module (CSM) that monitors public cloud buckets to detect data leaks. As a cyber threat intelligence company, SOCRadar’s mission is to use every possible piece of information to identify and prevent cyber threats targeting our platform users.