Hewlett Packard Enterprise (HPE) recently uncovered a breach in its cloud-based email systems, attributing the attack to the Russian hacking group “Midnight Blizzard.” Occurring on December 12, 2023, the breach affected a small percentage of HPE mailboxes in cybersecurity, go-to-market, and related functions. HPE promptly initiated a response with external cybersecurity experts, linking the incident to the same group that targeted Microsoft’s email accounts earlier that month.
Midnight Blizzard, known for advanced cyber espionage and linked to Russia’s foreign intelligence service, was behind the 2020 SolarWinds attack. The recent HPE breach aligns with their tactic of infiltrating cloud computing networks, noted by the FBI since 2018. HPE’s investigation revealed a connection to a prior incident in May, highlighting the group’s persistent threat.
In parallel, Microsoft reported a breach by Midnight Blizzard, compromising corporate email accounts, including those of senior leaders. The attackers used “password spraying,” prompting concerns about Microsoft’s security practices and scrutiny from US lawmakers. Amid escalating cyber threats, the National Security Agency stresses the imperative for tech giants to bolster defenses against state-backed hackers, emphasizing ongoing challenges in securing sensitive information.
SOURCE: CNN NEWS | JANUARY 26 2024