
Microsoft Claims Russian Hackers are Attempting to Break into Company Networks

Microsoft warned on Friday that hackers affiliated with Russia's foreign intelligence were attempting to break into its systems again, using data collected from corporate emails in January to seek new access to the software behemoth, whose products are widely used throughout the US national security infrastructure.

Some experts were alarmed by the news, citing concerns about the security of systems and services at Microsoft, one of the world's major software companies that offers digital services and infrastructure to the United States government. 

The tech giant revealed that the intrusions were carried out by a Russian state-sponsored outfit known as Midnight Blizzard, or Nobelium.

The Russian embassy in Washington did not immediately respond to a request for comment on Microsoft's statement, nor on Microsoft's earlier statements regarding Midnight Blizzard activity.

Microsoft reported the incident in January, stating that hackers attempted to break into company email accounts, including those of senior company executives, as well as cybersecurity, legal, and other services. 

Microsoft's vast client network makes it unsurprising that it is being attacked, according to Jerome Segura, lead threat researcher at Malwarebytes' Threatdown Labs. He said that it was concerning that the attack was still ongoing, despite Microsoft's efforts to prevent access. 

Persistent Threat

Several experts who follow Midnight Blizzard claim that the group has a history of targeting political bodies, diplomatic missions, and non-governmental organisations. Microsoft claimed in a January statement that Midnight Blizzard was probably targeting it because the company had conducted extensive research to analyse the hacking group's activities.

Since at least 2021, when the group was discovered to be responsible for the SolarWinds cyberattack that compromised a number of U.S. federal agencies, Microsoft's threat intelligence team has been looking into and sharing research on Nobelium.

The company stated on Friday that the ongoing attempts to compromise Microsoft are indicative of a "sustained, significant commitment of the threat actor's resources, coordination, and focus."

"It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found," the company added. "Some of these secrets were shared between customers and Microsoft in email, and as we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures."

Cyber Intruders Disrupt Operations at Beirut International Airport

Over the weekend, the Flight Information Display Screens at Beirut's international airport were hacked in an incident that not only displayed politically motivated messages but also temporarily disrupted baggage inspection, according to local media reports.

The hackers seized control of the screens at Beirut-Rafic Al Hariri International Airport, replacing the usual plane departure and arrival information with a statement accusing Hezbollah, the Iran-backed militant group based in Lebanon, of leading the country into conflict with Israel. A segment of the message directed blame at Hezbollah, stating, "You bear your responsibility and its consequences, Hezbollah."

Airport authorities disclosed that the cyber attack briefly interfered with the passenger baggage inspection system. However, they emphasized that the flight schedule remained unaffected. Additionally, hackers reportedly sent fake messages to some passengers on behalf of Middle East Airlines, a claim promptly refuted by the airline.

Recent heightened tensions between Lebanon and Israel, marked by frequent exchanges of fire, further amplify the significance of the cyber incident. In a recent Israeli strike on Lebanon, a senior commander in Hezbollah's elite forces was reportedly killed. Israeli officials had previously expressed a preference for restoring security without engaging in a full-scale war with Hezbollah, though readiness for such action was affirmed if necessary.

Attribution for the airport hack points to two domestic hacker groups: The One Who Spoke, a relatively unknown entity, and Soldiers of God, a Christian group previously associated with campaigns against the LGBTQ+ community in Lebanon. The latter group denied involvement. However, reports suggest that "external parties" could be behind the attack, utilizing the names of Lebanese hacker groups to either conceal their identity or incite tension. Some believe that local hackers might lack the requisite technology and capabilities for such an attack.

An anonymous security source, speaking to a Lebanese TV channel, raised the possibility of Israel's involvement as a potential culprit behind the cyber attack. Lebanon's Minister of Public Works and Transportation, Ali Hamieh, provided updates during a press conference on Monday, revealing that approximately 70% of the compromised airport screens had resumed normal operations. As a precautionary measure, the airport was disconnected from the internet to mitigate further damage. The country's security services are actively investigating the hack, with Hamieh anticipating a conclusive determination on whether the breach is internal or external in the coming days.