March 8, 2024 at 11:57PM Microsoft disclosed that the Kremlin-backed threat actor Midnight Blizzard gained access to some source code repositories and internal systems following a hack in January 2024. The company stated that it is investigating the extent of the breach and has increased its security investments in response to the attack. The breach … Read more
March 8, 2024 at 12:32PM The Russian APT group Midnight Blizzard has gained access to Microsoft’s source code and internal systems, posing a serious threat. The attackers, also known as APT29, Cozy Bear, Nobelium, and UNC2452, are escalating their efforts and targeting password-spraying attempts. The breach could lead to zero-day vulnerability exploitation, highlighting the critical … Read more
January 25, 2024 at 02:29PM Russian threat actor “Midnight Blizzard,” also known as Nobelium, breached both Hewlett-Packard Enterprise’s (HPE) and Microsoft’s email environments, exfiltrating data from senior leadership and other segments. Both companies were unaware of the breaches until months later, highlighting the threat’s insidious nature. The attack serves as a sobering reminder of the … Read more
January 22, 2024 at 05:05PM Microsoft’s corporate systems fell victim to a cyberattack by the Russian nation-state actor behind the 2020 SolarWinds Orion software breach. The intrusion, discovered on Jan. 12, breached a small percentage of corporate email accounts, including those of senior leadership, cybersecurity, and legal teams. Microsoft pledged to enhance cybersecurity measures and … Read more
January 19, 2024 at 07:23PM Microsoft disclosed a breach in corporate email accounts, with data stolen by the Russian state-sponsored hacking group Midnight Blizzard. The attack was detected on January 12th, and it was found that Nobelium accessed the accounts through a password spray attack in November 2023. The investigation is ongoing, and Microsoft is … Read more
January 19, 2024 at 07:08PM Microsoft confirmed a breach of corporate email accounts by Russian state-sponsored group Midnight Blizzard. The attack, detected on January 12th, 2023, was initiated via a password spray attack in November 2023. Access was gained to leadership team and legal department emails for over a month, enabling theft of emails and … Read more