Archive for January 27, 2024

Three Pieces Of Mac Software That You Should Know About

Posted in Commentary on January 27, 2024 by itnerd

Like most of you out there, I customize my Mac to meet my needs. And to do that, I am on the lookout for software that allows me to add some sort of functionality to my Mac. Sometimes very specific functionality. And I will be talking about three of those pieces of software today.

I’m going to start with Clyde, which is an alarm system for your Mac. Here’s the scenario it’s designed for. You’re in a coffee shop with your MacBook and you need to go to the washroom. Sure, you can ask some total stranger to watch your stuff. But that’s not going to guarantee that nothing will get stolen. That’s where Clyde comes in. When you enable it on your MacBook and leave the lid open, it will lock the screen. If some criminal low life scumbag then tries to steal your MacBook, they are likely to close the lid to make it easier to escape with your MacBook. When they do that, a super loud alarm that they cannot disable will go off, attracting attention. And when I say super loud, I mean it. On top of that, you will get an alert and a phone call on your iPhone and Apple Watch. That way you can stop the scumbag from escaping, assuming that others haven’t beaten the scumbag senseless. It’s a $9 one-time purchase, but there is also a free version that simply has the alarm. I’d invest in the $9 version as that’s cheaper than a new MacBook.

Next up is MonitorControl which is a free app. Its job is to control the brightness of non-Apple displays via an icon on the menu bar. It works quite well for those of us who run multiple monitors on our Macs like I do as I don’t have to fiddle with the buttons on the monitor if I want to adjust something. Brightness control of non-Apple monitors is something that macOS doesn’t do out of the box which makes this free app handy. Though I suspect that Apple will “Sherlock” this feature as that’s what Apple does.

The final app that I’d like to talk about is AppCleaner. This is a free app that cleanly uninstalls Mac applications that don’t have an uninstaller. Which is most apps for the Mac. The thing with Mac apps is that they scatter bits and pieces of themselves all over your hard drive. So even if you get rid of the main application, something is guaranteed to be left behind in some odd place on your hard drive. AppCleaner solves that problem for me. Which is important as I am often trying pieces of software for my clients, and I don’t want my hard drive cluttered with the bits and pieces of apps that I don’t use.

Are there apps that help you to customize your Mac to fit your needs? If there are, please leave a comment and feel free to share them.

HPE Got Pwned By The Same Group That Pwned Microsoft

Posted in Commentary on January 27, 2024 by itnerd

At this time last week, I was writing about Microsoft getting pwned by Midnight Blizzard, who are also known as Cozy Bear. Well, HPE has joined the list of companies that were pwned by this group. Here are the details:

A Russia-based threat actor known as “Cozy Bear” or “Midnight Blizzard” has breached some of HPE’s corporate mailboxes, the company revealed on Thursday in a Securities and Exchange Commission (SEC) filing.

“Based on our investigation, we now believe that the threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,” HPE said in the SEC filing.

HPE said that after being notified in June 2023 of unauthorized access to SharePoint files dating back to May 2023 by a known threat actor, it conducted an investigation with external cybersecurity experts and took containment measures.

“We determined that such activity did not materially impact the Company,” it concluded.

Sure it didn’t. But I will come back to that later. Right now I want to serve up commentary from Craig Burland, CISO, Inversion6:

Cozy Bear’s latest incursions are a not-so-subtle reminder of two things: 99% isn’t good enough in cybersecurity and if the high-level APTs want to get in, they will.  Of Microsoft’s massive defensible perimeter, they left a single gate relatively unguarded – a user credential protected with just a username and password.  The compromise of that account led to a bigger prize for Cozy Bear. 

There are a number of sayings in the cyber business about the defenders needing to be right all the time.  This example reinforces that notion.  But, perfect prevention is not easily gained.  The commitment, discipline, and cost to reach and maintain perfect prevention is staggering.  Instead, while humbling and troubling, the wiser strategy is to accept that breach is probable and spend equal time considering what you do after the initial breach.

I’ll follow that with commentary from Anurag Gurtu, CPO, StrikeReady:

The recent cyberattack on Microsoft and HPE by the Russian hacker group Cozy Bear highlights a critical challenge in cybersecurity. This incident, involving a sophisticated password spray attack that compromised high-level corporate emails, demonstrates the need for continuous vigilance and advanced security protocols in the tech industry. It underscores the evolving nature of cyber threats and the importance of robust defense mechanisms to protect sensitive information in a digitally interconnected world.

The thing is, a group like this wouldn’t be hacking into HPE or Microsoft to get stuff that didn’t have a material impact. They are a nation-state group of hackers who are aligned with Russia. So there’s likely more to this. And either we don’t know about it, or HPE and Microsoft don’t know about it. I guess we’ll eventually find out.