Microsoft Warns More Companies Have Been Hacked by Russia’s ‘Midnight Blizzard’

More companies are expected to disclose they’ve been hacked by Russian-sponsored threat actors who stole emails from executives, according to Microsoft.

The tech giant, which recently disclosed it was hacked in late November, on Thursday warned that it had found more victims and had begun notifying them. Hewlett Packard Enterprise has also revealed it had been a victim of an attack led by the hacking crew tracked as APT29, also known as Midnight Blizzard, according to a regulatory filing.

Both Microsoft and HPE said Russia’s foreign intelligence service has been inside the target companies for months; in Microsoft’s case, the hackers got into its network by repeatedly trying the same passwords on multiple attacks until they got a match.

The U.S. Securities and Exchange Commission last year strengthened rules requiring companies to disclose cybersecurity incidents to shareholders. The SEC’s rules went into effect last month and have helped force the recent disclosures from Microsoft and HPE.

Two security experts told The Washington Post more than 10 companies are expected to disclose system breaches. The hacking group, which has also gone by Cozy Bear, has been active since at least 2010.

Besides the recent attacks, the group’s last major victory was in late 2020, when it got inside software provider SolarWinds. The hackers altered the company’s code and gave themselves a backdoor into organizations that downloaded SolarWinds’ software.

Around 18,000 organizations around the world downloaded the affected tools, including the U.S. Department of Treasury and the Department of Homeland Security, Ars Technica reported.

“What sets this group apart is its remarkable combination of discretion, patience, and unwavering persistence, distinguishing them from other cyberthreat actors also funded and acting on behalf of nation-states,” Aric Ward, a former threat analyst at the White House, told the Post.

Like SolarWinds, many companies and agencies rely on Microsoft and HPE for their products, namely cloud services, including email. In its initial announcement, Microsoft said there was no evidence the hacker group accessed its systems.
