    HP Enterprise Breach: Russian Hackers Tied to DNC Breach Strike Again

    Russian hackers linked to the Kremlin are suspected of breaching the information technology giant Hewlett Packard Enterprise (HPE), targeting its cloud email environment to pilfer mailbox data.

    HPE Cybersecurity Breach: Suspected Infiltration by Russian Hackers

    In a regulatory filing with the U.S. Securities and Exchange Commission (SEC), HPE revealed that a threat actor, believed to have ties to the Russian government, gained unauthorized access to and extracted data from a portion of HPE mailboxes, including those belonging to cybersecurity personnel, go-to-market teams, and various business segments.

    Attribution to APT29: The Notorious Russian State-Sponsored Group

    The intrusion has been linked to APT29, a notorious Russian state-sponsored hacking group also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes.

    Microsoft Also Targeted: A Coordinated Cyberattack

    Coincidentally, Microsoft reported a similar breach, implicating the same threat actor, where corporate systems were compromised in late November 2023, resulting in the theft of emails and attachments from senior executives and personnel in cybersecurity and legal departments.

    Lengthy Persistence: Undetected Breach for Over Six Months

    HPE disclosed that the breach was discovered on December 12, 2023, indicating that the threat actors had access to its network for more than six months without detection.

    Continued Threat: APT29’s Persistent Actions

    This breach seems to be part of a larger campaign by APT29, with a prior security event involving unauthorized access to and extraction of SharePoint files as early as May 2023. Despite an alert about the activity in June 2023, the threat actors managed to maintain access.

    Minimal Impact: Reassurance Amidst Breach

    Although the scale of the attack and the specific email data accessed were not disclosed, HPE reassured stakeholders that the breach has not materially affected its operations to date.

    APT29’s Track Record: Noteworthy Cyber Incursions

    APT29, allegedly affiliated with Russia’s Foreign Intelligence Service (SVR), has been implicated in several high-profile cyberattacks, including the 2016 breach of the U.S. Democratic National Committee (DNC) and the 2020 SolarWinds supply chain compromise.
