Aviation


  • Japan links Chinese hacker MirrorFace to dozens of cyberattacks targeting security and tech data

    January 8, 2025

    Japan on Wednesday linked more than 200 cyberattacks over the past five years targeting the country’s national security and high technology data to a Chinese hacking group, MirrorFace, detailing their tactics and calling on government agencies and businesses to reinforce preventive measures. MirrorFace sent emails with attachments containing malware to targeted organizations and individuals to view ...

  • ICAO ‘investigating’ security breach after hacker claims theft of personal data

    January 7, 2025

    UN aviation agency ‘investigating’ security breach after hacker claims theft of personal data The International Civil Aviation Organization (ICAO), a United Nations agency that defines international operating standards for civil aviation, has confirmed it’s investigating a cybersecurity incident. In a statement published on Monday, ICAO said it is “actively investigating reports of a potential information security ...

  • Cyber attack on Italy’s Foreign Ministry, airports claimed by pro-Russian hacker group

    December 28, 2024

    Hackers targeted around ten official websites in Italy on Saturday, including the websites of the Foreign Ministry and Milan’s two airports, putting them out of action temporarily, the country’s cyber security agency said. The pro-Russian hacker group Noname057(16) claimed the cyber attack on Telegram, saying Italy’s “Russophobes get a well deserved cyber response”. Read more… Source: MSN News Sign ...

  • Cyberattack on JAL delays some flights, disrupts operations

    December 26, 2024

    Japan Airlines announced on Dec. 26 that its computer network was hit by a cyberattack, which delayed some flights while the company worked to restore the system and resume normal operations. According to JAL, the cyberattack caused a heavy access load to the network equipment connecting internal and external offices from 7:24 a.m. that morning. The ...

  • Lazarus group evolves its infection chain with old and new malware

    December 19, 2024

    Over the past few years, the Lazarus group has been distributing its malicious software by exploiting fake job opportunities targeting employees in various industries, including defense, aerospace, cryptocurrency, and other global sectors. This attack campaign is called the DeathNote campaign and is also referred to as “Operation DreamJob”. Kaspersky researchers have previously published the history of ...

  • Space tech giant Maxar confirms hacker accessed employees’ personal data

    November 18, 2024

    U.S. space technology and satellite giant Maxar has confirmed a data breach involving the personal information of its employees, according to a filing with state regulators. The Colorado-headquartered Maxar operates imaging satellites and manufactures spacecraft, and claims to operate one of the largest commercial satellite constellations on orbit. Maxar has long been a significant provider of ...

  • Threats in space (or rather, on Earth): Internet-exposed GNSS receivers

    November 13, 2024

    Global Navigation Satellite Systems (GNSS) are collections, or constellations of satellite positioning systems. There are several GNSSs launched by different countries currently in operation: GPS (US), GLONASS (Russia), Galileo (EU), BeiDou Navigation Satellite System (BDS, China), Navigation with Indian Constellation (NavIC, India) and Quazi-Zenith Satellite System (QZSS, Japan). These systems are used for positioning, navigation ...

  • TIDRONE Targets Military and Satellite Industries in Taiwan

    September 6, 2024

    Since the beginning of 2024, Trend Micro have been receiving incident response cases from Taiwan. Trend Micro researchers track this unidentified threat cluster as TIDRONE. Their research reveals that the threat actors have shown significant interest in military-related industry chains, particularly in the manufacturers of drones. Furthermore, telemetry from VirusTotal indicates that the targeted countries are ...

  • Port of Seattle says it was hit with possible cyberattack; outage affects airport, phone systems

    August 25, 2024

    The Port of Seattle said Saturday it was hit with a “possible cyberattack” that impacted Seattle-Tacoma International Airport, phone systems, and websites. The outage was first reported Saturday morning just after 9 a.m. PT, described as an “internet and web systems outage.” A few hours later, Seattle-Tacoma International Airport posted on X and said the Port ...

  • US FAA revising aircraft cybersecurity rules

    August 22, 2024

    US regulators are seeking to revise and simplify the framework for cybersecurity provision on aircraft, in order to harmonise with European certification standards and avoid continually having to issue special conditions. This revision follows several years of work to address the need to protect against unlawful electronic interference as aircraft systems have evolved – notably since ...

  • Approach to mainframe penetration testing on z/OS

    August 20, 2024

    Information technology is developing at a rapid pace, with completely new areas emerging, such as DevOps and DevSecOps – and we’re striving to keep up. However, in some projects, you may encounter systems built on rather outdated principles. Such systems must be approached with care, since a single mistake can lead to data loss and ...

  • CrowdStrike Took Down Australia And Half The World Now Facing Massive Compensation Claims

    July 19, 2024

    The reputation of a Company that describes themselves as one of the world’s best cyber security Companies is in tatters tonight, with the US business facing the potential of being sued by hundreds of business including major retailers in Australia and insurance Companies looking to claw back payouts for lost income, airline delays and customers ...

  • What Is CrowdStrike? Security Company Implicated In Online Outage

    July 19, 2024

    CrowdStrike is a company that provides cloud-based online security solutions. Its software is used by some of the largest players in cloud services, including Amazon’s AWS. CrowdStrike has also been implicated in the global outage that has impacted retailers, airlines, media companies and more. The company’s co-founder has acknowledged the issue, and says a fix has ...

  • Microsoft IT outage linked to cyber security firm Crowdstrike hits airlines, railways, NHS and media outlets globally

    July 19, 2024

    The ‘most serious IT outage the world has ever seen’ sparked global chaos today – with planes and trains grounded, the NHS disrupted, shops closed, football teams unable to sell tickets and banks and TV channels knocked offline. The devastating technical fault caused Windows computers to suddenly shut down, prompting departure boards to immediately turn off ...

  • Alleged breached data of Airport and Aviation Services Sri Lanka surfaces online

    July 10, 2024

    A recent post on the notorious cybercrime forum BreachForums claims that the Airport and Aviation Services Sri Lanka (AASL) has suffered a data breach. According to the post, the breached data contains approximately 7,083 records that include names, NICs, emails, passport numbers, and other sensitive data. Blurred screenshot of post alleging Airport and Aviation Services Sri ...

  • The US Wants to Integrate the Commercial Space Industry With Its Military to Prevent Cyber Attacks

    June 29, 2024

    The US military recently launched a groundbreaking initiative to strengthen ties with the commercial space industry. The aim is to integrate commercial equipment into military space operations, including satellites and other hardware. This would enhance cybersecurity for military satellites. As space becomes more important to the world’s critical infrastructure, the risk increases that hostile nation-states will ...

  • Stopping Chinese cyberattacks is officially now the biggest priority for US security forces

    June 25, 2024

    The US Department of Homeland Security (DHS) has shuffled its priorities to place battling the “cyber and other threats posed by the People’s Republic of China” at the top of the list, at least until the end of 2025. China has been conducting numerous cyber attacks against US infrastructure, particularly focussing on internet-facing endpoints within water ...

  • Japan’s space agency was hit by multiple cyberattacks, but officials say no sensitive data was taken

    June 21, 2024

    Japan’s space agency has suffered a series of cyberattacks since last year, but sensitive information related to rockets and satellites was not affected and it is continuing to investigate and take preventive measures, officials said Friday. Chief Cabinet Secretary Yoshimasa Hayashi acknowledged that the Japan Aerospace Exploration Agency, or JAXA, has had “a number of” cyberattacks ...

  • Sapphire Werewolf polishes Amethyst stealer to attack over 300 companies

    June 5, 2024

    Since March 2024, the BI.ZONE Threat Intelligence team has been tracking the cluster of activity dubbed Sapphire Werewolf. The threat actor targets Russia’s industries, such as education, manufacturing, IT, defense, and aerospace engineering. Over 300 attacks were carried out using Amethyst, an offshoot of the popular open‑source SapphireStealer. The attackers disguise the malware as an enforcement ...

  • Boeing says it refused to pay massive ransomware demand

    May 9, 2024

    Boeing has revealed it refused to pay a $200 million ransom demand from ransomware hackers who stole a tranche of sensitive data in 2023. The incident impacted elements of its parts and distribution business, but that flight safety was not compromised. LockBit’s affiliates walked away with 43 gigabytes of data, for which they later demanded an ...