Latest news with #USFederalBureauofInvestigation
NDTV
2 days ago
- Business
- NDTV
Microsoft Issues Urgent Security Patch For SharePoint After "Active Attacks"
New Delhi: Tech giant Microsoft has issued urgent security patch after observing "active attacks" on server software used by government agencies and businesses to share documents within organisations. According to Microsoft, the vulnerabilities apply only to SharePoint servers used within organisations. SharePoint Online in Microsoft 365, which is in the cloud, was not hit by the attacks, the organisation informed. "Microsoft is aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update," said the tech giant in ints security advisory. The company recommended security updates that customers should apply immediately. The US Federal Bureau of Investigation (FBI) also said it is aware of the attacks and is working closely with its federal and private-sector partners. The vulnerability is related to a case of remote code execution that arises due to the deserialization of untrusted data in on-premise versions of Microsoft SharePoint Server. Microsoft said the current published content is correct and that the previous inconsistency does not impact the company's guidance for customers. "After applying the latest security updates above or enabling AMSI, it is critical that customers rotate SharePoint server machine keys and restart IIS on all SharePoint servers," Microsoft said. "If you cannot enable AMSI, you will need to rotate your keys after you install the new security update," its added. The US Cybersecurity and Infrastructure Security Agency (CISA) has added 'CVE-2025-53770' vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by July 21, 2025. "Microsoft has released security updates that fully protect customers using SharePoint Subscription Edition and SharePoint 2019 against the risks posed by CVE-2025-53770, and CVE-2025-53771. Customers should apply these updates immediately to ensure they're protected," said the company in its security update.
The Advertiser
04-07-2025
- The Advertiser
No ransom request after Qantas cyber attack
A major airline will soon be able to tell the six million customers whose data was stolen by cyber criminals exactly what type of personal information was harvested. In an update on Friday, Qantas also said the group believed responsible for the incident remained unclear and that it had not received a ransom request. The hack, revealed earlier this week, occurred on a third-party system used by a call centre working for Qantas. Sensitive data such as credit card details, personal financial information, passport details and Qantas Frequent Flyer accounts were not exposed. But millions of customers did have names, dates of birth, and email addresses stolen. Qantas will next week will contact customers individually to tell them exactly what type of personal data was "contained in the system", or compromised. "I want to apologise again for the uncertainty this has caused," chief executive Vanessa Hudson said in a statement. "We're committed to keeping our affected customers informed with regular updates as our investigation progresses." Qantas, which continues to work with the government authorities to investigate the incident, reaffirmed that there has been no further threat in the system and that it remains secure. Multiple cyber experts believe the group responsible for the attack is called Scattered Spider, a cabal of young cyber criminals living in the US and the UK. The US Federal Bureau of Investigation recently warned that the group was targeting the airline sector by impersonating legitimate users to bypass multi-factor authentication and access systems. Airlines such as America's Hawaiian Airlines and Westjet have faced cyber attacks in the past fortnight. Qantas has rolled out additional security measures to counteract any more potential threats and increase detection. These include more security measures for frequent flyer accounts by introducing "additional identification" for account changes. "We are treating this incredibly seriously and have implemented additional security measures to further strengthen our systems," Ms Hudson said. "Our customers can be assured that we have the right expertise and resources dedicated to resolving this matter thoroughly and effectively." Qantas also warned scammers are already impersonating the airline in the wake of the attack and told customers to be vigilant. The airline will never contact customers requesting passwords, booking reference details or sensitive login information. "If customers do receive any suspicious emails, text messages or calls from someone purporting to be Qantas you can report this via our dedicated support line, Scamwatch, or contact local authorities," it said. In the wake of the hack, Qantas has received more than 5000 customer enquiries. Meanwhile, legal experts suggest the incident could lead to a class action against Qantas, after compensation claims were made against Optus and Medibank after major breaches in 2022. Qantas customer support line: 1800 971 541 or +61 2 8028 0534 A major airline will soon be able to tell the six million customers whose data was stolen by cyber criminals exactly what type of personal information was harvested. In an update on Friday, Qantas also said the group believed responsible for the incident remained unclear and that it had not received a ransom request. The hack, revealed earlier this week, occurred on a third-party system used by a call centre working for Qantas. Sensitive data such as credit card details, personal financial information, passport details and Qantas Frequent Flyer accounts were not exposed. But millions of customers did have names, dates of birth, and email addresses stolen. Qantas will next week will contact customers individually to tell them exactly what type of personal data was "contained in the system", or compromised. "I want to apologise again for the uncertainty this has caused," chief executive Vanessa Hudson said in a statement. "We're committed to keeping our affected customers informed with regular updates as our investigation progresses." Qantas, which continues to work with the government authorities to investigate the incident, reaffirmed that there has been no further threat in the system and that it remains secure. Multiple cyber experts believe the group responsible for the attack is called Scattered Spider, a cabal of young cyber criminals living in the US and the UK. The US Federal Bureau of Investigation recently warned that the group was targeting the airline sector by impersonating legitimate users to bypass multi-factor authentication and access systems. Airlines such as America's Hawaiian Airlines and Westjet have faced cyber attacks in the past fortnight. Qantas has rolled out additional security measures to counteract any more potential threats and increase detection. These include more security measures for frequent flyer accounts by introducing "additional identification" for account changes. "We are treating this incredibly seriously and have implemented additional security measures to further strengthen our systems," Ms Hudson said. "Our customers can be assured that we have the right expertise and resources dedicated to resolving this matter thoroughly and effectively." Qantas also warned scammers are already impersonating the airline in the wake of the attack and told customers to be vigilant. The airline will never contact customers requesting passwords, booking reference details or sensitive login information. "If customers do receive any suspicious emails, text messages or calls from someone purporting to be Qantas you can report this via our dedicated support line, Scamwatch, or contact local authorities," it said. In the wake of the hack, Qantas has received more than 5000 customer enquiries. Meanwhile, legal experts suggest the incident could lead to a class action against Qantas, after compensation claims were made against Optus and Medibank after major breaches in 2022. Qantas customer support line: 1800 971 541 or +61 2 8028 0534 A major airline will soon be able to tell the six million customers whose data was stolen by cyber criminals exactly what type of personal information was harvested. In an update on Friday, Qantas also said the group believed responsible for the incident remained unclear and that it had not received a ransom request. The hack, revealed earlier this week, occurred on a third-party system used by a call centre working for Qantas. Sensitive data such as credit card details, personal financial information, passport details and Qantas Frequent Flyer accounts were not exposed. But millions of customers did have names, dates of birth, and email addresses stolen. Qantas will next week will contact customers individually to tell them exactly what type of personal data was "contained in the system", or compromised. "I want to apologise again for the uncertainty this has caused," chief executive Vanessa Hudson said in a statement. "We're committed to keeping our affected customers informed with regular updates as our investigation progresses." Qantas, which continues to work with the government authorities to investigate the incident, reaffirmed that there has been no further threat in the system and that it remains secure. Multiple cyber experts believe the group responsible for the attack is called Scattered Spider, a cabal of young cyber criminals living in the US and the UK. The US Federal Bureau of Investigation recently warned that the group was targeting the airline sector by impersonating legitimate users to bypass multi-factor authentication and access systems. Airlines such as America's Hawaiian Airlines and Westjet have faced cyber attacks in the past fortnight. Qantas has rolled out additional security measures to counteract any more potential threats and increase detection. These include more security measures for frequent flyer accounts by introducing "additional identification" for account changes. "We are treating this incredibly seriously and have implemented additional security measures to further strengthen our systems," Ms Hudson said. "Our customers can be assured that we have the right expertise and resources dedicated to resolving this matter thoroughly and effectively." Qantas also warned scammers are already impersonating the airline in the wake of the attack and told customers to be vigilant. The airline will never contact customers requesting passwords, booking reference details or sensitive login information. "If customers do receive any suspicious emails, text messages or calls from someone purporting to be Qantas you can report this via our dedicated support line, Scamwatch, or contact local authorities," it said. In the wake of the hack, Qantas has received more than 5000 customer enquiries. Meanwhile, legal experts suggest the incident could lead to a class action against Qantas, after compensation claims were made against Optus and Medibank after major breaches in 2022. Qantas customer support line: 1800 971 541 or +61 2 8028 0534 A major airline will soon be able to tell the six million customers whose data was stolen by cyber criminals exactly what type of personal information was harvested. In an update on Friday, Qantas also said the group believed responsible for the incident remained unclear and that it had not received a ransom request. The hack, revealed earlier this week, occurred on a third-party system used by a call centre working for Qantas. Sensitive data such as credit card details, personal financial information, passport details and Qantas Frequent Flyer accounts were not exposed. But millions of customers did have names, dates of birth, and email addresses stolen. Qantas will next week will contact customers individually to tell them exactly what type of personal data was "contained in the system", or compromised. "I want to apologise again for the uncertainty this has caused," chief executive Vanessa Hudson said in a statement. "We're committed to keeping our affected customers informed with regular updates as our investigation progresses." Qantas, which continues to work with the government authorities to investigate the incident, reaffirmed that there has been no further threat in the system and that it remains secure. Multiple cyber experts believe the group responsible for the attack is called Scattered Spider, a cabal of young cyber criminals living in the US and the UK. The US Federal Bureau of Investigation recently warned that the group was targeting the airline sector by impersonating legitimate users to bypass multi-factor authentication and access systems. Airlines such as America's Hawaiian Airlines and Westjet have faced cyber attacks in the past fortnight. Qantas has rolled out additional security measures to counteract any more potential threats and increase detection. These include more security measures for frequent flyer accounts by introducing "additional identification" for account changes. "We are treating this incredibly seriously and have implemented additional security measures to further strengthen our systems," Ms Hudson said. "Our customers can be assured that we have the right expertise and resources dedicated to resolving this matter thoroughly and effectively." Qantas also warned scammers are already impersonating the airline in the wake of the attack and told customers to be vigilant. The airline will never contact customers requesting passwords, booking reference details or sensitive login information. "If customers do receive any suspicious emails, text messages or calls from someone purporting to be Qantas you can report this via our dedicated support line, Scamwatch, or contact local authorities," it said. In the wake of the hack, Qantas has received more than 5000 customer enquiries. Meanwhile, legal experts suggest the incident could lead to a class action against Qantas, after compensation claims were made against Optus and Medibank after major breaches in 2022. Qantas customer support line: 1800 971 541 or +61 2 8028 0534
Perth Now
03-07-2025
- Perth Now
No ransom request after Qantas cyber attack
A major airline will soon be able to tell the six million customers whose data was stolen by cyber criminals exactly what type of personal information was harvested. In an update on Friday, Qantas also said the group believed responsible for the incident remained unclear and that it had not received a ransom request. The hack, revealed earlier this week, occurred on a third-party system used by a call centre working for Qantas. Sensitive data such as credit card details, personal financial information, passport details and Qantas Frequent Flyer accounts were not exposed. But millions of customers did have names, dates of birth, and email addresses stolen. Qantas will next week will contact customers individually to tell them exactly what type of personal data was "contained in the system", or compromised. "I want to apologise again for the uncertainty this has caused," chief executive Vanessa Hudson said in a statement. "We're committed to keeping our affected customers informed with regular updates as our investigation progresses." Qantas, which continues to work with the government authorities to investigate the incident, reaffirmed that there has been no further threat in the system and that it remains secure. Multiple cyber experts believe the group responsible for the attack is called Scattered Spider, a cabal of young cyber criminals living in the US and the UK. The US Federal Bureau of Investigation recently warned that the group was targeting the airline sector by impersonating legitimate users to bypass multi-factor authentication and access systems. Airlines such as America's Hawaiian Airlines and Westjet have faced cyber attacks in the past fortnight. Qantas has rolled out additional security measures to counteract any more potential threats and increase detection. These include more security measures for frequent flyer accounts by introducing "additional identification" for account changes. "We are treating this incredibly seriously and have implemented additional security measures to further strengthen our systems," Ms Hudson said. "Our customers can be assured that we have the right expertise and resources dedicated to resolving this matter thoroughly and effectively." Qantas also warned scammers are already impersonating the airline in the wake of the attack and told customers to be vigilant. The airline will never contact customers requesting passwords, booking reference details or sensitive login information. "If customers do receive any suspicious emails, text messages or calls from someone purporting to be Qantas you can report this via our dedicated support line, Scamwatch, or contact local authorities," it said. In the wake of the hack, Qantas has received more than 5000 customer enquiries. Meanwhile, legal experts suggest the incident could lead to a class action against Qantas, after compensation claims were made against Optus and Medibank after major breaches in 2022. Qantas customer support line: 1800 971 541 or +61 2 8028 0534
RTÉ News
02-07-2025
- Business
- RTÉ News
Qantas says 6 million customer accounts accessed in cyber hack
A cyber hacker broke into a database containing the personal information of millions of customers, Qantas said, in Australia's biggest breach in years and a setback for an airline rebuilding trust after a reputational crisis. The hacker targeted a call centre and gained access to a third-party customer service platform containing six million names, email addresses, phone numbers, birth dates and frequent flyer numbers, Qantas said in a statement today. The airline did not specify the location of the call centre or customers whose information was compromised. It said it learnt of the breach after detecting unusual activity on the platform and acted immediately to contain it. "We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant," Qantas said, reporting no impact on operations or safety. Last week, the US Federal Bureau of Investigation said cybercrime group Scattered Spider was targeting airlines and that Hawaiian Airlines and Canada's WestJet had already reported breaches. Qantas did not name any group. "What makes this trend particularly alarming is its scale and coordination, with fresh reports that Qantas is the latest victim" of a hack, said Mark Thomas, Australia director of security services for cyber security firm Arctic Wolf. Scattered Spider hackers are known to impersonate a company's tech staff to gain employee passwords and "it is plausible they are executing a similar playbook", Thomas said. Charles Carmakal, chief technology officer of Alphabet-owned cybersecurity firm Mandiant, said it was too soon to say if Scattered Spider was responsible but "global airline organisations should be on high alert of social engineering attacks". The breach is Australia's most high-profile since those of telecommunications network operator Optus and health insurance leader Medibank in 2022 prompted cyber resilience laws including mandatory reporting of compliance and incidents. It brings unwelcome attention to Qantas which is trying to win public trust after actions during and after the Covid-19 pandemic saw it plunge on airline and brand league tables. Qantas was found to have illegally sacked thousands of ground workers during the 2020 border closure while collecting government stimulus payments. It also admitted selling thousands of tickets for already-cancelled flights. The airline drew the ire of opposition politicians who said it lobbied the federal government in 2022 to refuse a request from Qatar Airways to sell more flights. Qantas denied pressuring the government which eventually refused the request - a move the consumer regulator said hurt price competition. Qantas CEO Vanessa Hudson has improved the airline's public standing since taking office in 2023, reputation measures showed. "We recognise the uncertainty this will cause," Hudson said of the data breach. "Our customers trust us with their personal information and we take that responsibility seriously." Qantas said it notified the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and the Australian Federal Police. The airline said the hacker did not access frequent flyer accounts or customer passwords, PIN numbers or log in details.
Dubai Eye
02-07-2025
- Business
- Dubai Eye
Australia's Qantas says 6 million customer accounts accessed in cyber hack
A cyber hacker broke into a database containing the personal information of millions of customers, Qantas said, in Australia's biggest breach in years and a setback for an airline rebuilding trust after a reputational crisis. The hacker targeted a call centre and gained access to a third-party customer service platform containing six million names, email addresses, phone numbers, birth dates and frequent flyer numbers, Qantas said in a statement on Wednesday. The airline did not specify the location of the call centre or customers whose information was compromised. It said it learnt of the breach after detecting unusual activity on the platform and acted immediately to contain it. "We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant," Qantas said, reporting no impact on operations or safety. Last week, the US Federal Bureau of Investigation said cybercrime group Scattered Spider was targeting airlines and that Hawaiian Airlines and Canada's WestJet had already reported breaches. Qantas did not name any group. "What makes this trend particularly alarming is its scale and coordination, with fresh reports that Qantas is the latest victim" of a hack, said Mark Thomas, Australia director of security services for cyber security firm Arctic Wolf. Scattered Spider hackers are known to impersonate a company's tech staff to gain employee passwords and "it is plausible they are executing a similar playbook", Thomas said. Charles Carmakal, chief technology officer of Alphabet-owned cybersecurity firm Mandiant, said it was too soon to say if Scattered Spider was responsible but "global airline organisations should be on high alert of social engineering attacks". Qantas' share price was down 2.4 per cent in afternoon trading against an overall market that was up 0.8 per cent. UNWELCOME ATTENTION The breach is Australia's most high-profile since those of telecommunications network operator Optus and health insurance leader Medibank in 2022 prompted cyber resilience laws including mandatory reporting of compliance and incidents. It brings unwelcome attention to Qantas which is trying to win public trust after actions during and after the COVID-19 pandemic saw it plunge on airline and brand league tables. Qantas was found to have illegally sacked thousands of ground workers during the 2020 border closure while collecting government stimulus payments. It also admitted selling thousands of tickets for already-cancelled flights. The airline drew the ire of opposition politicians who said it lobbied the federal government in 2022 to refuse a request from Qatar Airways to sell more flights. Qantas denied pressuring the government which eventually refused the request - a move the consumer regulator said hurt price competition. Qantas CEO Vanessa Hudson has improved the airline's public standing since taking office in 2023, reputation measures showed. "We recognise the uncertainty this will cause," Hudson said of the data breach. "Our customers trust us with their personal information and we take that responsibility seriously." Qantas said it notified the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and the Australian Federal Police. ACSC declined to comment and AFP said only that it was aware of the incident. The OAIC was not immediately available for comment.
