
Midnight Blizzard Rattles Microsoft and HPE in Hacking Fiasco – Skyhigh Security Intelligence Digest

By Rodman Ramezanian - Global Cloud Threat Lead, Skyhigh Security

February 26, 2024

Recently, reports of Microsoft and Hewlett Packard Enterprise (HPE) being breached via their cloud-based email infrastructures have taken the cybersecurity industry by storm.

In 2020, SolarWinds experienced several security breaches. The same actors, now more commonly referred to as Midnight Blizzard (aka Cozy Bear, Nobelium, APT29), appear to be at it again.

Despite the close timing of the disclosures of security breaches at HPE and Microsoft, the prevailing emphasis is on Midnight Blizzard’s persistent international espionage activities. Reports strongly associate this threat group with the Russian Foreign Intelligence Service (SVR), highlighting its ongoing commitment to exploiting vulnerabilities in the digital footprints and assets of various organizations.

Both incidents exhibited a common thread, as the Midnight Blizzard operators managed to infiltrate the cloud-based email environments of HPE and Microsoft. This was achieved through targeted attacks on individual employees’ mailboxes and password spray attacks, indicating a consistent approach employed by the threat group.

What actions are possible? Find out how Skyhigh Security can help defend against attacks like these in our most recent Intelligence Digest.
