
Search results for: "SolarWinds"


25 mentions found


Washington CNN — Microsoft committed a “cascade” of “avoidable errors” that allowed Chinese hackers to breach the tech giant’s network and later the email accounts of senior US officials last year, including the secretary of commerce, a scathing US government-backed review of the incident has found. In particular, the review board faulted Microsoft (MSFT) for not adequately protecting a sensitive cryptographic key that allowed the hackers to remotely sign into their targets’ Outlook accounts by forging credentials. The hackers downloaded about 60,000 emails from the State Department alone, department spokesman Matthew Miller has said. Microsoft has “mobilized our engineering teams to identify and mitigate legacy infrastructure, improve processes, and enforce security benchmarks,” the statement continued. Russian hackers allegedly infiltrated software made by US firm SolarWinds to steal emails from US government agencies in 2020.
Persons: , Joe Biden, , China Nicholas Burns, Antony Blinken, Matthew Miller, Gina Raimondo, Raimondo, Cory Simpson, ” Simpson Organizations: Washington CNN, Microsoft, US, Department of Homeland Security, CNN, State Department, Institute, Infrastructure Technology Locations: Washington, China, Russia
CNN — Russian state-backed hackers gained access to some of Microsoft’s core software systems in a hack first disclosed in January, the company said Friday, revealing a more extensive and serious intrusion into Microsoft’s systems than previously known. Hackers with access to source code can use it for follow-on attacks on other systems. Microsoft first revealed the breach in January, days before another Big Tech company, Hewlett Packard Enterprise, said the same hackers had breached its cloud-based email systems. The hacking group was behind the infamous breach of several US agency email systems using software made by US contractor SolarWinds, which was revealed in 2020. US officials have attributed the hacking group to Russia’s foreign intelligence service.
Organizations: CNN, Microsoft, US Securities and Exchange Commission, Big Tech, Hewlett Packard Enterprise, Kremlin, SolarWinds, Homeland Security, SEC Locations: Russian, Russia
BOSTON (AP) — Hewlett Packard Enterprise disclosed Wednesday that suspected state-backed Russian hackers broke into its cloud-based email system and stole data from cybersecurity and other employees. It said it believed the hackers were from Cozy Bear, a unit of Russia's SVR foreign intelligence service. It said the Russian hackers accessed accounts of senior Microsoft executives as well as cybersecurity and legal employees. Company spokesman Adam R. Bauer, reached by email, would not say who informed HPE of the breach. “We're not sharing that information at this time.” Bauer said the compromised email boxes were running Microsoft software.
Persons: Cozy Bear, , Adam R, Bauer, HPE, We're, ” Bauer, ” HPE Organizations: BOSTON, Hewlett Packard Enterprise, Securities and Exchange, Microsoft, SharePoint, . Securities, Exchange, Hewlett, Packard Inc Locations: Russian, Redmond, Washington, U.S, Europe, Spring , Texas
Antonio Neri, president and chief executive officer of Hewlett Packard Enterprise (HPE), speaks during the HPE Discovery CIO Summit in Las Vegas, Nevada, U.S., on Tuesday, June 19, 2018. HPE said that it is still investigating the hack, which it believes was related to another incident that occurred in June 2023. During that event, the hackers managed to compromise "a limited number of SharePoint files as early as May 2023," HPE wrote in the filing. "Upon undertaking such actions, we determined that such activity did not materially impact the Company." In 2020, this same Russian intelligence-linked hacking group also conducted the infamous breach of government supplier SolarWinds.
Persons: Antonio Neri, Hewitt, Bridget Bennett, Bear, HPE Organizations: Enterprise, Bloomberg, Getty, Hewlett Packard Enterprise, Microsoft, SolarWinds Locations: Las Vegas , Nevada, U.S, Russian
Microsoft's hacking disclosure could be a challenge for its $20 billion-a-year cybersecurity franchise but bullish news for fellow portfolio name and rival Palo Alto Networks. Microsoft stock was trading modestly lower Monday but has climbed more than 5% since the start of 2024 following last year's 56% gains. Microsoft's cybersecurity incident doesn't leave us any less bullish on the mega-cap name. While its cybersecurity business pulls in about $20 billion in annual sales, Microsoft's revenue jumped 7% in 2023 to nearly $212 billion. The Securities and Exchange Commission's (SEC) new disclosure rules around cybersecurity attacks could be another catalyst for Palo Alto, Jim added.
Persons: hasn't, Nobelium, Jim Cramer, Jim, Palo, Exchange Commission's, Nikesh Arora, Estee Lauder, Clorox, Okta, Jim Cramer's, Satya Nadella, Justin Sullivan Organizations: Microsoft, Palo Alto Networks, Wall, SolarWinds, Apple, JPMorgan, Securities, Exchange, SEC, Palo Alto, Corporations, Palo, CNBC, MGM Resorts, Caesars Entertainment Locations: Russian, Palo, Palo Alto, Davos, Switzerland, San Francisco
In a Monday interview with CNBC's Jim Cramer, CrowdStrike CEO George Kurtz discussed Microsoft's high-profile security breach by a Russian intelligence group, saying these adversaries have a determined "low and slow" approach to hacking that's especially tough to beat. Thought to be part of the Russian foreign intelligence service SVR, Nobelium is also known as Midnight Blizzard and Cozy Bear. Nobelium has tried to breach the systems of U.S. allies as well as the Department of Defense. He said CrowdStrike uses its algorithms to string together these "low signals" and identify such adversaries. Kurtz added that CrowdStrike has been able to stop the group in the past, saying that some of Microsoft's customers seek additional support from his company.
Persons: CNBC's Jim Cramer, George Kurtz, Cozy Bear, Kurtz, it's, Nobelium, CrowdStrike Organizations: Microsoft, Nobelium, Midnight, Cozy, Department of Defense, SolarWinds Locations: Russian, U.S, China
Microsoft said on Friday that its security systems were breached by a Russian hacking group. Microsoft identified the group as Midnight Blizzard, which was behind the SolarWinds cyberattack. Microsoft said Friday that its systems were breached by Russian hackers who accessed a "very small percentage" of corporate email accounts. The attack was launched by Midnight Blizzard — the seasoned Russian hacking group behind the massive 2020 attack on US information technology firm SolarWinds, which exposed sensitive information in the US federal government. But federal investigators said they found evidence the hackers accessed Microsoft Office 365.
Persons: Organizations: Microsoft, Midnight, Service, Midnight Blizzard, Initiative Locations: Russian, China
It said the same highly skilled Russian hacking team behind the SolarWinds breach was responsible. “A very small percentage” of Microsoft corporate accounts were accessed, the company said, and some emails and attached documents were stolen. A company spokesperson said Microsoft had no immediate comment on which or how many members of its senior leadership had their email accounts breached. In a regulatory filing Friday, Microsoft said it was able to remove the hackers' access from the compromised accounts on or about Jan. 13. After gaining a foothold, they used the account's permissions to access the accounts of the senior leadership team and others.
Persons: Organizations: BOSTON, , Microsoft, . Securities, Exchange, SEC, Google, Cozy, Justice, Treasury Locations: — State, Russian, Redmond , Washington, U.S, Europe
CNN — A Russian hacking group gained access to some email accounts of Microsoft senior leaders, the software giant disclosed in a regulatory filing Friday afternoon. “Microsoft has identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as Nobelium.” Nobelium, notably, is the same group responsible for the infamous SolarWinds breach back in 2020. Microsoft said it is in the process of notifying employees whose email was accessed. There is currently no evidence that the hackers had any access to customer environments or AI systems, Microsoft said. Microsoft systems have been the target of multiple recent high-profile hacking efforts.
Persons: ” Nobelium, SolarWinds, Organizations: CNN, Microsoft, Midnight Blizzard, Hackers, Midnight, Federal Bureau of Investigation, Infrastructure Security Agency Locations: Russian
Microsoft said in a Friday regulatory filing that a Russian intelligence group accessed some of the software maker's top executives' email accounts. The company said a group called Nobelium carried out the attack, which it detected last week. Microsoft and the U.S. government consider Nobelium to be a part of the Russian foreign intelligence service SVR. The hacking group was responsible for one of the most prolific breaches in U.S. history, when it breached government supplier SolarWinds in 2020. It was also implicated alongside another Russian hacking group in the 2016 breach of the Democratic National Committee's systems.
Persons: Amy Hood, Brad Smith, Satya Nadella, Nobelium Organizations: Microsoft, Infrastructure Security Agency, U.S, SolarWinds, Department of Defense, Democratic National Locations: Russian, U.S
Most experts agree that, regardless of the lawsuit’s outcome, it could affect how companies handle cybersecurity risks. In July, the agency adopted new cybersecurity disclosure requirements set to take effect in December. They require companies to report material attacks within four days and to make yearly disclosures about their cybersecurity risk management, strategy and governance. In a June speech, the S.E.C.’s enforcement director, Gurbir Grewal, said it had “zero tolerance for gamesmanship” around cybersecurity disclosures. No CISO can now risk basically painting an unrealistically positive picture of cybersecurity.”
Persons: Gurbir Grewal, ” Wolff, , Ramakrishna, it’ll, , Jake Williams, CISOs Organizations: cybersecurity
"We allege that, for years, SolarWinds and Brown ignored repeated red flags about SolarWinds' cyber risks, which were well known throughout the company," SEC enforcement director Gurbir Grewal said in a press release. SolarWinds went public in 2018, and made only "generic" disclosures about cybersecurity risk in both its prospectus and in continued filings, the complaint said. However, the SEC alleged that SolarWinds and Brown knew that the company's cybersecurity practices were weak, pointing to an internal presentation from Brown that was made the same month SolarWinds went public. It appears to be one of the first times the SEC has alleged a company misled and defrauded investors over cybersecurity risks. In reality, Brown knew that the company was not following those best practices, the SEC alleged.
Persons: SolarWinds, Tim Brown, Brown, Gurbir Grewal, weren't, Solarwinds, Kevin Thompson, Sudhakar Ramakrishna, Mr, Alec Koch Organizations: SolarWinds Corp, New York Stock Exchange, Securities and Exchange Commission, SEC, software, Orion, unf, Regulators, MGM Resorts, CNBC Locations: New York, U.S, Russian, Clorox, SolarWinds
An attorney for SolarWinds calls the SEC’s lawsuit ‘overreach.’ Photo: Sergio Flores/Reuters

The Securities and Exchange Commission on Monday sued SolarWinds, the software company victimized by Russian-linked hackers over three years ago, alleging the firm defrauded shareholders by repeatedly misleading them about its cyber vulnerabilities and the ability of attackers to penetrate its systems. The SEC’s lawsuit is a milestone in its evolving attempt to regulate how public companies deal with cybersecurity. A hack that steals business secrets or customer data often pummels the victim company’s stock price, showing why firms with public shareholders have to accurately disclose such threats, the SEC says. The regulator recently imposed stricter cybersecurity reporting rules for public companies.
Persons: , sergio flores, SolarWinds Organizations: , Reuters, Securities, Exchange Commission, Monday, cybersecurity, SEC
U.S. regulators on Monday sued SolarWinds, a Texas-based technology company whose software was breached in a massive 2020 Russian cyberespionage campaign, for fraud for failing to disclose security deficiencies ahead of the stunning hack. Detected in December 2020, the SolarWinds hack penetrated U.S. government agencies including the Justice and Homeland Security departments, and more than 100 private companies and think tanks. Koch added that “we look forward to defending his reputation and correcting the inaccuracies in the SEC’s complaint.” Brown's current title at SolarWinds is chief information security officer. Capitalizing on the supply-chain hack, the Russian cyber operators then stealthily penetrated select targets including about a dozen U.S. government agencies and prominent software and telecommunications providers.
Persons: SolarWinds, Tim Brown, Brown, Alec Koch, Koch, Gurbir S, Grewal, , , Biden, Chad Wolf Organizations: Securities and Exchange Commission, Justice and Homeland Security, SEC, Fortune, New, Homeland Locations: Texas, Russian, New York, SolarWinds, cyberattacks, Austin , Texas, North America, Europe, Asia
Chinese hackers accessed the Microsoft-powered email accounts of top China envoys, Commerce Secretary Gina Raimondo, and Secretary of State Antony Blinken. Wyden asked that the Justice Department examine whether Microsoft had violated federal law through its negligence; that CISA examine whether Microsoft violated best practices for securing the highly sensitive "skeleton key;" and that the Federal Trade Commission examine whether Microsoft violated federal privacy statutes. Both the State Department and the Commerce Department were targeted by Chinese hackers. Wyden noted it wasn't the first time that a foreign government had hacked government agencies by exploiting Microsoft vulnerabilities. Both Microsoft and federal officials have disclosed relatively little about the hack, though Microsoft has disseminated additional information and made concessions to customers to mitigate the impact of the exploitation.
Persons: Sen, Ron Wyden, Joe Biden's, Gina Raimondo, Antony Blinken, Wyden, Merrick Garland, Lina Khan, Jen Organizations: Democratic, Finance, Justice Department, Microsoft, Federal Trade Commission, Infrastructure Security Agency, Google, FTC, State Department, Commerce Department, Department's Locations: Washington, China
Victims of Cyberattack on File-Transfer Tool Pile Up
  + stars: | 2023-07-19 | by ( Catherine Stupp | ) www.wsj.com   time to read: +6 min
The list of companies hit by a cyberattack on a widely used software tool continues to expand and several victims have filed lawsuits alleging mishandling of data. The continued disclosure of new victims affected by hackers exploiting a vulnerability in MoveIt, a common file-transfer tool from Progress Software, underscores how cyberattacks can ripple through supply chains. Some companies have been drawn into data breaches without having used MoveIt because their business partners use it. The Cl0p ransomware group has taken responsibility for the cyberattacks and posted data from some victims on its underground website. A 2021 cyberattack on a tool similar to MoveIt—Accellion’s File Transfer Appliance—had similar ripple effects.
Persons: , Brett Callow, cyberattacks, Callow, Genworth, PBI, , Shell, Rob Carr, Suzie Squier, Johns, Johns Hopkins, Emsisoft’s Callow, Catherine Stupp Organizations: Progress Software, . Progress, Progress, Shell, BBC, Energy Department, Genworth Financial, Social, PBI Research Services, U.S . Department of Health, Human Services, Colorado State University, BG Group, Johns Hopkins University, Getty Locations: British, MoveIt, Kaseya, Johns Hopkins
It can boost security, especially for small organizations that lack the resources to run their own IT or security departments. But competitors squeezed by Microsoft's security offering are sounding the alarm over how wide swaths of industry and government were effectively putting all their eggs in one basket. Adair said he understood that Microsoft wanted to make money from its premium security product. He noted that the hackers - which Microsoft nicknames Storm-0558 - were caught only because someone at the State Department with access to Microsoft's top-of-the-line logging noticed an anomaly in their forensic data. "Having Microsoft further empower customers and security companies so they can work together is probably the best way," Adair said.
Persons: Steven, Adair, Gina Raimondo, Microsoft, Ron Wyden, Redmond, Adam Meyers, CrowdStrike, Raphael Satter, Matthew Lewis Organizations: Microsoft, NASA, Reuters, U.S, State Department, Storm, Thomson Locations: cyberdefense, U.S, Washington
Chinese hackers intent on collecting intelligence on the United States gained access to government email accounts, Microsoft disclosed on Tuesday night. In a blog post, Microsoft said about 25 organizations, including government agencies, had been compromised by the hacking group, which used forged authentication tokens to get access to individual email accounts. Hackers had access to at least some of the accounts for a month before the breach was detected, Microsoft said. The new intrusion involved far fewer email accounts and did not go as deep into the targeted systems, Microsoft officials said. Nevertheless, having access to government email for a month before being detected could allow the hackers to learn information useful to the Chinese government and its intelligence services.
Organizations: United, Microsoft Locations: United States
SolarWinds executives receive Wells notice from US SEC
  + stars: | 2023-06-23 | by ( ) www.reuters.com   time to read: +1 min
June 23 (Reuters) - SolarWinds (SWI.N) said on Friday that some of its former and current executives had been issued a Wells notice by the U.S. Securities and Exchange Commission over a massive cyberattack in 2020 that the software firm was tied to. While a Wells notice does not necessarily mean the recipients have violated any law, the SEC issues the letter to firms when it is planning to bring an enforcement action against them. The company was at the center of a cybersecurity crisis in December 2020, after hackers compromised SolarWinds software updates and used them to access data of thousands of companies and government offices that used its products. In November last year, the SEC had recommended an enforcement action against the software firm over its public statements on cybersecurity and procedures governing such disclosures. Reporting by Samrhitha Arunasalam in Bengaluru; Editing by Maju Samuel
Persons: Samrhitha, Maju Samuel Organizations: U.S . Securities, Exchange Commission, SEC, Thomson Locations: U.S, Russia, Bengaluru
The US Securities and Exchange Commission has informed current and former SolarWinds executives that it intends to recommend “civil enforcement action” alleging the company broke federal securities laws in its public statements and “internal controls” related to the hack, SolarWinds said in a filing with regulators on Friday. The SEC notice is an indication that US regulators are moving closer to bringing a civil lawsuit against SolarWinds that could result in fines or other penalties. For several months in 2020, hackers used software made by SolarWinds and other technology firms to burrow into US government agencies and corporate victims in an apparent spying campaign. After the hack became public, US lawmakers demanded answers from federal cybersecurity officials on why the hackers were undetected for so long, as well as criticized SolarWinds for its security practices prior to the hack. But SolarWinds says it has instituted numerous security reforms in the years since the hack, and has pushed that message of reform in public appearance with federal officials.
Persons: SolarWinds, , Biden, , , Sudhakar Ramakrishna, SolarWinds “, ” Ramakrishna Organizations: CNN, US Securities and Exchange, Justice, Homeland Security, SEC Locations: Russian, ” Austin , Texas, Moscow
In a letter to the Federal Trade Commission on Wednesday, Google alleged Microsoft uses unfair licensing terms to "lock in clients" to exert control over the cloud-computing market. The letter was sent in response to a broad FTC request for comment on potential anti-competitive acts in the cloud industry. Google described Microsoft's licensing restrictions as a "complex web" that prevents businesses from diversifying their enterprise software vendors. Microsoft and Google both have active cybersecurity practices that respond to and research cyber threats. In its FTC letter, Microsoft also alleged Oracle's practices are harmful to customers.
Persons: Trump, Ken Paxton Organizations: Google, Microsoft, Federal Trade Commission, U.S . Department of Justice, Texas, Oracle, Netscape Locations: Europe, U.S
Data of 237,000 US government employees breached
  + stars: | 2023-05-12 | by ( David Shepardson | ) www.reuters.com   time to read: +2 min
WASHINGTON, May 12 (Reuters) - The personal information of 237,000 current and former federal government employees has been exposed in a data breach at the U.S. Transportation Department (USDOT), sources briefed on the matter said on Friday. The breach hit systems for processing TRANServe transit benefits that reimburse government employees for some commuting costs. The breach impacted 114,000 current employees and 123,000 former employees. Federal employees and agencies have been target of hackers in the past. Two breaches at the U.S. Office of Personnel Management (OPM) in 2014 and 2015 compromised sensitive data belonging to more than 22 million people, including 4.2 million current and federal employees along with fingerprint data of 5.6 million of those individuals.
With a stock price down 45% in the last year, though, it may soon find itself on the other side of the table. But it has $732 million in cash on hand, with zero debt, and analysts are projecting 16% revenue growth. This year, though, Varonis has come back to earth — its stock price has sunk over 57% in the last 12 months. However, with strong projected 2023 revenue growth of 18.6%, Zuora remains a strong target for PE firms. Its stock price has been hammered, going down about 40% this year and making it the subject of mergers-and-acquisitions chatter.
U.S. banks flagged ransomware-related transactions adding up to more than $1 billion in 2021, the Treasury Department said, although risk experts said that barely scratches the surface of cybercrime’s true economic scale. In 2020, such transactions totaled $416 million across 487 reports. FinCEN is an arm of the Treasury that analyzes financial data to identify money laundering, terrorist financing and other crimes. Reports from the first six months of 2021 alone exceeded the total for all of 2020, FinCEN said, noting that around 75% of incidents in 2021 stemmed from Russia-based cyber actors.
Total: 25