CyberSec Roundup
A synopsis of the Latest Cybersecurity News
Passenger Data Hacked from Airlines Worldwide
SITA disclosed this week that their servers were hacked late in February. SITA provides IT and communications services to many airlines around the world, and it was their Passenger Service System servers that were compromised. SITA did not give many details of the nature of the breach, but they reported that it was a highly sophisticated attack that has now been contained. It is hard to say the number of affected travelers at this point, but the number figured to be quite high. Passengers who are part of frequent flyer programs such as OneWorld, Star Alliance and Lufthansa Group’s Miles were affected.
Microsoft Exchange Zero-Day Exploit
Last week Microsoft alerted customers about a zero-day vulnerability affecting on-premise Exchange Servers, which was exploited by a Chinese state sponsored hacking group called Hafnium. The attackers can deploy a web shell on a compromised server which would allow them to steal information and potentially compromise the network. CISA and the DHS have warned organizations about the situation and advised them to patch their servers immediately or disconnect them from the network, as there are various government departments and companies that have been affected.
Qualys Hacked
The Accellion based breaches continue to pile up, as the cybersecurity firm Qualys is the latest company to confirm they were breached. The Clop ransomware group is behind this attack as they posted screenshots of the files they stole. Qualys reported that the attack only affected information from their customer support system, but the screenshots posted from Clop show other internal documents.
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker