AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Middle East Low Code No Code Summit TimeAI Summit

HP Enterprise data breach: Nobelium investigated

In-depth analysis of the recent cyber attack on HP Enterprise and possible connections with past episodes

HP Enterprise suffered a cyber attack where data was stolen from its emails, probably by Midnight Blizzard, a group linked to Russian intelligence. The connection with other similar attacks is being investigated.

Contribute to spreading the culture of prevention!
Support our cause with a small donation by helping us raise awareness among users and companies about cyber threats and defense solutions.

This pill is also available in Italian language

Recently, HP Enterprise suffered a security breach involving its cloud-based email system. The breach is currently the subject of an in-depth investigation, but the elements gathered so far point suspicions towards Midnight Blizzard. This body, associated with Russian intelligence and better known as Nobelium, has already been implicated in major cyber incidents. Preliminary investigations suggest that sensitive data was compromised and stolen from email accounts of information security personnel.

Possible connection with previous attacks

Midnight Blizzard is renowned for its cybertactical offensives against senior institutions, including a major attack on Microsoft earlier this year. During that assault, data was stolen from a small set of email accounts, affecting senior figures and those in charge of protecting the systems. The technique employed, known as "password spray", involved using a series of potential passwords in rapid succession to force access to employee profiles.

The epic heist at SolarWinds

However, Midnight Blizzard's boldest blow occurred at the end of 2020, when they struck SolarWinds, a US administrative software company. This maneuver allowed them to infiltrate various US and international government agencies, including Europe and Asia. At that time, critical data was removed, including the source code of some core Microsoft products such as Azure, Intune and the Exchange server.

Containment and reaction measures

Following this recent assault, HP Enterprise not only investigated the incident, but promptly implemented strategies aimed at mitigating the damage. These included remediating infected systems and strengthening their defenses. The need to perfect internal security mechanisms to avoid future similar incidents and protect the organisation's information assets remains at the center of attention.

Follow us on WhatsApp for more pills like this

01/25/2024 21:54

Editorial AI

Last pills

LockBit's tenacious activity despite global investigationsChallenges and countermeasures in the war against the LockBit cyber criminal group

Avast fined for illegitimate sale of web dataFines and restrictions imposed on cybersecurity company for misuse of personal data

KeyTrap: DNSSEC flaw discovered by researchersThe vulnerability puts the stability of DNSSEC at risk

Pact between technology companies against electoral manipulationJoint technology initiative to preserve the integrity of democratic voting