AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

HP Enterprise data breach: Nobelium investigated

In-depth analysis of the recent cyber attack on HP Enterprise and possible connections with past episodes

HP Enterprise suffered a cyber attack where data was stolen from its emails, probably by Midnight Blizzard, a group linked to Russian intelligence. The connection with other similar attacks is being investigated.

This pill is also available in Italian language

Recently, HP Enterprise suffered a security breach involving its cloud-based email system. The breach is currently the subject of an in-depth investigation, but the elements gathered so far point suspicions towards Midnight Blizzard. This body, associated with Russian intelligence and better known as Nobelium, has already been implicated in major cyber incidents. Preliminary investigations suggest that sensitive data was compromised and stolen from email accounts of information security personnel.

Possible connection with previous attacks

Midnight Blizzard is renowned for its cybertactical offensives against senior institutions, including a major attack on Microsoft earlier this year. During that assault, data was stolen from a small set of email accounts, affecting senior figures and those in charge of protecting the systems. The technique employed, known as "password spray", involved using a series of potential passwords in rapid succession to force access to employee profiles.

The epic heist at SolarWinds

However, Midnight Blizzard's boldest blow occurred at the end of 2020, when they struck SolarWinds, a US administrative software company. This maneuver allowed them to infiltrate various US and international government agencies, including Europe and Asia. At that time, critical data was removed, including the source code of some core Microsoft products such as Azure, Intune and the Exchange server.

Containment and reaction measures

Following this recent assault, HP Enterprise not only investigated the incident, but promptly implemented strategies aimed at mitigating the damage. These included remediating infected systems and strengthening their defenses. The need to perfect internal security mechanisms to avoid future similar incidents and protect the organisation's information assets remains at the center of attention.

Follow us on WhatsApp for more pills like this

01/25/2024 21:54

Marco Verro

Last pills

Google Cloud security predictions for 2024: how AI will reshape the cybersecurity landscapeFind out how AI will transform cybersecurity and address geopolitical threats in 2024 according to Google Cloud report

AT&T: data breach discovered that exposes communications of millions of usersDigital security compromised: learn how a recent AT&T data breach affected millions of users

New critical vulnerability discovered in OpenSSH: remote code execution riskFind out how a race condition in recent versions of OpenSSH puts system security at risk: details, impacts and solutions to implement immediately

Discovery of an AiTM attack campaign on Microsoft 365A detailed exploration of AiTM attack techniques and mitigation strategies to protect Microsoft 365 from advanced compromises