Welcome reader to your CybersecurityHQ report.

Headlines

Microsoft executives were a target in a recent attack by the Russian-backed hacker group Midnight Blizzard, according to a regulatory filing with the SEC on Friday. The attack was detected on January 12. The same group used a password spray attack on Microsoft in November 2023.
The attackers escalated privileges to access a small percentage of Microsoft corporate email accounts, including those of senior leadership and employees in cybersecurity, legal, and other functions. Microsoft clarified that the attack didn't exploit vulnerabilities in its products or services and that there was no access to customer environments, production systems, source code, or AI systems.

In another major attack disclosure, VF Corp (the parent company of brands like The North Face and Vans) reported on Thursday that a ransomware attack on December 13th impacted 35 million of its customers. The attack was claimed by none other than the notorious ransom gang ALPHV/BlackCat. In Thursday’s amended SEC filing, the company claimed it doesn’t retain its customers' social security numbers, bank account information, or payment card information.

The company has mostly restored systems and data, intending to file a claim with its cyber insurance carrier for financial losses. The attack disrupted holiday operations, causing delays in order fulfillment and shipments, leading to customer order cancellations and reduced e-commerce traffic.

The world said goodbye to Dr. David L. Mills, who died at the age of 65 on January 17. Mills invented the Network Time Protocol (NTP) in 1985 to synchronize time across different computer systems and networks — a framework that the entire internet works on to this day. NTP has become a fundamental protocol, operating on literally billions of devices around the world, helping to coordinate time across continents.

Mills made many other contributions to the architecture of the internet throughout his career, earning awards and legendary status among his peers in the world of computer science and electrical engineering.

Interesting Read

In this interesting read, Madison Goldberg (writing for Wired) details recent breakthroughs from a group of cryptographers working to make internet searches truly private. Their work addresses the challenge of privately accessing large databases, making private Google-like searches a possibility. 

While current methods are not practically useful, the optimistic view is that further optimization could make private lookups from giant databases achievable, offering hope for enhanced online privacy.

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team