August 12, 2022
A digital vulnerability in the computer systems used on some Boeing Co aircraft that could have allowed malicious hackers to modify data and cause pilots to make dangerous miscalculations has been fixed, security researchers said on Friday.
Older versions of a digital tool used to calculate landing and take-off speeds on some aircraft could be tampered ... July 19, 2022
An Indian flight booking website majority-owned by US retail colossus Walmart has experienced a data breach, but is saying very little about what happened or the risks to customers.
News of the breach emerged on Monday, when customers received a message.
While the message to customers assures them that “no sensitive information pertaining to your Cleartrip account” ... July 11, 2022
Aerojet Rocketdyne, which makes propulsion and power systems for launch vehicles, missiles and satellites for NASA and the US military, has agreed to pay $9 million to settle charges it misrepresented its products’ compliance with cybersecurity requirements in federal government contracts.
The El Segundo, California-based company has a deep history in American space and military contracting, ... July 5, 2022
The German Federal Office for Information Security (BSI) has put out an IT baseline protection profile for space infrastructure amid concerns that attackers could turn their gaze skywards.
The document, published last week, is the result of a year of work by Airbus Defence and Space, the German Space Agency at the German Aerospace Center (DLR), ... April 19, 2022
Despite being unknown even to industry practitioners, the Data Distribution Service (DDS) protocol has been in use for more than a decade. This middleware software technology is responsible for running billions of public and private devices and mechanisms currently in use. DDS is integral in embedded systems that require real-time machine-to-machine communication, facilitating a reliable ... April 1, 2022
Tens of thousands of Viasat satellite broadband modems that were disabled in a cyber-attack some weeks ago were wiped by malware with possible links to Russia’s destructive VPNFilter, according to SentinelOne.
On February 24, as Russian troops invaded Ukraine, Viasat terminals in Europe and Ukraine were suddenly and unexpectedly knocked offline and rendered inoperable. This caused, ... March 29, 2022
A powerful and effective cyberattack on the Russian Federal Air Transport Agency (Rosaviatsia) infrastructure that took place on Saturday morning has erased all documents, files, aircraft registration data and mails from the servers. In total, about 65 terabytes of data was erased. The news became known on Monday morning, the agency’s official website (favt.ru) went ... March 18, 2022
Britain and the United States have warned organisations of the risks associated with using satellite communications following a cyberattack on satellite internet modems as Russia invaded Ukraine.
Western intelligence agencies have been investigating the attack which disrupted broadband satellite internet access provided by U.S. telecommunications firm Viasat, Reuters reported last week.
“It’s certainly something we’re investigating quite ... March 17, 2022
CISA and the Federal Bureau of Investigation (FBI) are aware of possible threats to U.S. and international satellite communications (SATCOM) networks. Successful intrusions into SATCOM networks could create additional risk for SATCOM network customer environments.
In response, CISA and FBI have published joint Cybersecurity Advisory (CSA) Strengthening Cybersecurity of SATCOM Network Providers and Customers, which provides ... March 2, 2022
Russia will consider any cyberattacks targeting Russian satellite infrastructure an act of war, as the country’s space agency director said in a TV interview.
Dmitry Rogozin, the current head of the Russian Roscosmos State Space Corporation, added that such attempts would also be considered crimes and investigated by Russia’s law enforcement agencies.
“Because disabling the satellite group ... February 26, 2022
British Airways has cancelled all short-haul flights from Heathrow until midday leaving passengers stranded while further disruption is expected throughout Saturday due to ongoing technical issues.
The airline said the problem, which may also cause delays for its customers using Gatwick and London City Airport, is related to a hardware issue and is not because of ... February 4, 2022
Swiss airport management service Swissport reported a ransomware attack affecting its IT systems on Friday. The company said the ransomware attack targeted its IT infrastructure.
The group behind the attack was not named.
Also: Prosecutors investigating cyberattacks affecting multiple Belgian and Dutch ports “The attack has been largely contained, and we are working actively to fully resolve the ... January 30, 2022
The Unmanned Aerial Systems (UAS) industry has become a massive technological playground worldwide. Their extensive applications make UAS very popular for the public and the private sector. Armed forces, agricultural industry, law enforcement, meteorological agencies, medical services, environmental companies, and oil refineries are but a few out of the excessive list of UAS users. UAS ... January 6, 2022
The Transportation Security Administration will impose new cybersecurity mandates on the railroad and airline industries, including reporting requirements as part of a department effort to force compliance in the wake of high-profile cyberattacks on critical industries, Homeland Security Secretary Alejandro Mayorkas announced Wednesday.
DHS is moving to require more companies in critical transportation industries to meet ... December 16, 2021
A suspected, state-sponsored Iranian threat group has attacked an airline with a never-before-seen backdoor.
On Wednesday, cybersecurity researchers from IBM Security X-Force said an Asian airline was the subject of the attack, which likely began in October 2019 until 2021.
The advanced persistent threat (APT) group ITG17, also known as MuddyWater, leveraged a free workspace channel on ... November 11, 2021
New Zealand’s Government Communications Security Bureau (GCSB) – the nation’s signals intelligence and infosec agency – will retire its Waihopai satellite communications interception station because it’s no longer needed.
“The nature of telecommunications has changed, and other needs and capabilities have overtaken the sort of satellite communication interception that has been done at Waihopai,” said Andrew ... October 12, 2021
In late August and early September 2021, Kaspersky technologies detected attacks with the use of an elevation of privilege exploit on multiple Microsoft Windows servers. The exploit had numerous debug strings from an older, publicly known exploit for vulnerability CVE-2016-3309, but closer analysis revealed that it was a zero-day. We discovered that it was using ... October 1, 2021
A new APT group has emerged that’s specifically targeting the fuel and energy complex and aviation industry in Russia, exploiting known vulnerabilities like Microsoft Exchange Server’s ProxyShell and leveraging both new and existing malware to compromise networks.
Researchers at security firm Positive Technologies have been tracking the group, dubbed ChamelGang for its chameleon-like capabilities, since March. ... September 17, 2021
Researchers have unmasked a lengthy campaign against the aviation sector, beginning with the analysis of a Trojan by Microsoft.
On May 11, Microsoft Security Intelligence published a Twitter thread outlining a campaign targeting the “aerospace and travel sectors with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AsyncRAT.”
Read more…
Source: ZDNet
September 16, 2021
A two-year-old espionage campaign against the airline industry is ongoing, with AsyncRAT and other commodity remote-access trojans (RATs) helping those efforts take flight. The campaign can effectively be a bird strike to the business engine, so to speak, resulting in data theft, financial fraud or follow-on attacks, researchers said, who have uncovered new details about ...
