Hewlett Packard Enterprise said on Wednesday that its cloud-based email system was compromised by Midnight Blizzard, a Russia-linked hacking group that recently broke into Microsoft’s corporate network.
Midnight Blizzard is a notorious hacking group that is widely believed to be sponsored by the Russian government.
HPE said an internal investigation has since determined that the Russia-backed hacking group “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes starting in May 2023.
“The accessed data is limited to information contained in the users’ mailboxes,” Bauer told TechCrunch.
“We don’t have the details of the incident that Microsoft experienced and disclosed last week, so we’re unable to link the two at this time,” Bauer told TechCrunch.
Hewlett Packard Enterprise said on Wednesday that its cloud-based email system was compromised by Midnight Blizzard, a Russia-linked hacking group that recently broke into Microsoft’s corporate network.
Midnight Blizzard is a notorious hacking group that is widely believed to be sponsored by the Russian government.
HPE said an internal investigation has since determined that the Russia-backed hacking group “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes starting in May 2023.
“The accessed data is limited to information contained in the users’ mailboxes,” Bauer told TechCrunch.
“We don’t have the details of the incident that Microsoft experienced and disclosed last week, so we’re unable to link the two at this time,” Bauer told TechCrunch.
Hewlett Packard Enterprise said on Wednesday that its cloud-based email system was compromised by Midnight Blizzard, a Russia-linked hacking group that recently broke into Microsoft’s corporate network.
Midnight Blizzard is a notorious hacking group that is widely believed to be sponsored by the Russian government.
HPE said an internal investigation has since determined that the Russia-backed hacking group “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes starting in May 2023.
“The accessed data is limited to information contained in the users’ mailboxes,” Bauer told TechCrunch.
“We don’t have the details of the incident that Microsoft experienced and disclosed last week, so we’re unable to link the two at this time,” Bauer told TechCrunch.
Hewlett Packard Enterprise said on Wednesday that its cloud-based email system was compromised by Midnight Blizzard, a Russia-linked hacking group that recently broke into Microsoft’s corporate network.
Midnight Blizzard is a notorious hacking group that is widely believed to be sponsored by the Russian government.
HPE said an internal investigation has since determined that the Russia-backed hacking group “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes starting in May 2023.
“The accessed data is limited to information contained in the users’ mailboxes,” Bauer told TechCrunch.
“We don’t have the details of the incident that Microsoft experienced and disclosed last week, so we’re unable to link the two at this time,” Bauer told TechCrunch.
Hackers breached Microsoft to find out what Microsoft knows about themOn Friday, Microsoft disclosed that the hacking group it calls Midnight Blizzard, also known as APT29 — and widely believed to be sponsored by the Russian government — hacked some corporate email accounts, including those of the company’s “senior leadership team and employees in our cybersecurity, legal, and other functions.”Curiously, the hackers didn’t go after customer data or the traditional corporate information they may have normally gone after.
They wanted to know more about themselves, or more specifically, they wanted to know what Microsoft knows about them, according to the company.
“The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself,” the company wrote in a blog post and SEC disclosure.
According to Microsoft, the hackers used a “password spray attack” — essentially brute forcing — against a legacy account, then used that account’s permissions to “to access a very small percentage of Microsoft corporate email accounts.”Microsoft did not disclose how many email accounts were breached, nor exactly what information the hackers accessed or stole.
Microsoft took advantage of news of this hack to talk about how they are going to move forward to make itself more secure.
U.S. repairable laptop maker Framework has confirmed that hackers accessed customer data after successfully phishing an employee at its accounting service provider.
In an email sent to affected customers, Framework said that an employee at Keating Consulting, its primary external accounting partner, fell victim to a social engineering attack that allowed malicious hackers to obtain customers’ personal information related to outstanding balances for Framework purchases.
Framework told affected customers that hackers could use this stolen information to impersonate Framework to ask for payment information.
The Silicon Valley-based accounting company, which primarily provides interim financial leadership and back-office support to startups, has almost 300 clients, according to its website.
Framework said that in light of the incident at Keating, the company will require mandatory phishing and social engineering attack training for any of the company’s employees who have access to Framework customers’ information.
Basecamp founders’ email service Hey is fighting with Apple again — this time over the rejection of its new calendar app from the App Store.
Last week, Basecamp launched an integrated calendar service with Hey, along with a new standalone app for it.
On Saturday, Hey’s co-founder David Heinemeier Hansson posted on X that Apple has rejected Hey’s standalone calendar app.
In 2020, Apple first rejected Hey’s email app because users couldn’t sign up for the service on the app.
So Hey’s calendar app should be allowed on the App Store.
But a prominent customer is now accusing Carta of misusing sensitive information that startups entrust to the company in pursuit of its own goals.
The claim is raising wider questions about how Carta operates, even as Carta argues the incident was isolated.
Feeling betrayed by Carta, Saarinen wrote on LinkedIn, “This might be the end of Carta as the trusted platform for startups.
Ward also said the email to the Linear investor is not something that Carta condones.
The cap table business and the CartaX (private stock liquidity) business are separate business units with separate teams and leadership.
An email, penned by newly minted president and CTO Mo Elshenawy, was sent this morning to the entire 3,800-person workforce.
Cruise is targeting non-engineering jobs in the layoffs, particularly those people who worked in the field, commercial operations and corporate staffing, according to the email.
Engineering, a category that makes up the bulk of the Cruise workforce, is largely being preserved, according to the content of the email and discussions with internal sources.
The layoffs have been largely expected at Cruise for weeks now.
GM and the Cruise board have been scrambling ever since the October 2 incident put the company in the crosshairs of state, local and federal agencies.
Proton Mail finally has a native desktop app, rolling out now in beta for some users on Windows and MacOS.
The encrypted email service has, of course, been available to desktop users since its inception nearly a decade ago — first through the web, and latterly via a “bridge” that opened access to Proton Mail accounts through desktop clients such as Outlook, Thunderbird, and Apple Mail.
The desktop app provides offline access and is available directly from the Windows Start menu or MacOS dock, while it also bundles access to Proton Calendar, the encrypted calendar app Proton launched back in 2019.
Alongside the new app, Proton also unveiled a handful of new features that will be available to Proton Mail users on both the web and desktop.
Privacy pushFounded in 2014, Proton initially only offered encrypted email, but the Swiss company has expanded into VPNs, a password manager, calendar and a cloud storage service called Proton Drive which also has its own desktop app.
