Skip to main content
Back to Blogs

Intelligence Digest

Midnight Blizzard Rattles Microsoft and HPE in Hacking Fiasco – Skyhigh Security Intelligence Digest

February 26, 2024

By Rodman Ramezanian - Global Cloud Threat Lead, Skyhigh Security

Recently, reports of Microsoft and Hewlett Packard Enterprise (HPE) being breached via their cloud-based email infrastructures have taken the cybersecurity industry by storm.

In 2020, SolarWinds experienced several security breaches. It appears the same actors, now more commonly referred to as Midnight Blizzard (aka Cozy Bear, Nobelium, APT29), appear to be at it again.

Despite the close timing of the disclosures of security breaches at HPE and Microsoft, the prevailing emphasis is on Midnight Blizzard’s persistent international espionage activities. Reports strongly associate this threat group with the Russian Foreign Intelligence Service (SVR), highlighting its ongoing commitment to exploiting vulnerabilities in the digital footprints and assets of various organizations.

Both incidents exhibited a common thread, as the Midnight Blizzard operators managed to infiltrate the cloud-based email environments of HPE and Microsoft. This was achieved through targeted attacks on individual employees’ mailboxes and password spray attacks, indicating a consistent approach employed by the threat group.

What actions are possible? Find out how Skyhigh Security can help defend against attacks like these in our most recent Intelligence Digest.

Back to Blogs

Related Content

News thumbnail
Cloud Security

Secure Your Sensitive Data – Regardless of Where it Resides

Lolita Chandra - April 9, 2024

News thumbnail
Industry Perspectives

Skyhigh Security Wraps Up Regional Sales Event with Partner Support

Jeff Tripp - March 25, 2024

News thumbnail
Industry Perspectives

2024 Ransomware Attacks on Healthcare: A Wake-Up Call for Healthcare Data Security

Hari Prasad Mariswamy - March 18, 2024

Recent blogs

Cloud Security

Secure Your Sensitive Data – Regardless of Where it Resides

Lolita Chandra - April 9, 2024

Industry Perspectives

Skyhigh Security Wraps Up Regional Sales Event with Partner Support

Jeff Tripp - March 25, 2024

Industry Perspectives

2024 Ransomware Attacks on Healthcare: A Wake-Up Call for Healthcare Data Security

Hari Prasad Mariswamy - March 18, 2024

Industry Perspectives

Empowering Women in Tech: Breaking Barriers and Inspiring Inclusion

Kristen Wynne - March 8, 2024