Aviation


  • TSA to impose cybersecurity mandates on railroad and aviation industries

    January 6, 2022

    The Transportation Security Administration will impose new cybersecurity mandates on the railroad and airline industries, including reporting requirements as part of a department effort to force compliance in the wake of high-profile cyberattacks on critical industries, Homeland Security Secretary Alejandro Mayorkas announced Wednesday. DHS is moving to require more companies in critical transportation industries to meet ...

  • Suspected Iranian hackers target airline with new backdoor

    December 16, 2021

    A suspected, state-sponsored Iranian threat group has attacked an airline with a never-before-seen backdoor. On Wednesday, cybersecurity researchers from IBM Security X-Force said an Asian airline was the subject of the attack, which likely began in October 2019 until 2021. The advanced persistent threat (APT) group ITG17, also known as MuddyWater, leveraged a free workspace channel on ...

  • New Zealand spooks say satellite snooping is obsolete – better intel is found elsewhere

    November 11, 2021

    New Zealand’s Government Communications Security Bureau (GCSB) – the nation’s signals intelligence and infosec agency – will retire its Waihopai satellite communications interception station because it’s no longer needed. “The nature of telecommunications has changed, and other needs and capabilities have overtaken the sort of satellite communication interception that has been done at Waihopai,” said Andrew ...

  • MysterySnail attacks IT companies, defence contractors and diplomatic entities with Windows zero-day

    October 12, 2021

    In late August and early September 2021, Kaspersky technologies detected attacks with the use of an elevation of privilege exploit on multiple Microsoft Windows servers. The exploit had numerous debug strings from an older, publicly known exploit for vulnerability CVE-2016-3309, but closer analysis revealed that it was a zero-day. We discovered that it was using ...

  • New APT ChamelGang Targets Russian Energy, Aviation Orgs

    October 1, 2021

    A new APT group has emerged that’s specifically targeting the fuel and energy complex and aviation industry in Russia, exploiting known vulnerabilities like Microsoft Exchange Server’s ProxyShell and leveraging both new and existing malware to compromise networks. Researchers at security firm Positive Technologies have been tracking the group, dubbed ChamelGang for its chameleon-like capabilities, since March. ...

  • Cyberattacks against the aviation industry linked to Nigerian threat actor

    September 17, 2021

    Researchers have unmasked a lengthy campaign against the aviation sector, beginning with the analysis of a Trojan by Microsoft. On May 11, Microsoft Security Intelligence published a Twitter thread outlining a campaign targeting the “aerospace and travel sectors with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AsyncRAT.” Read more… Source: ZDNet  

  • Airline Credential-Theft Takes Off in Widening Campaign

    September 16, 2021

    A two-year-old espionage campaign against the airline industry is ongoing, with AsyncRAT and other commodity remote-access trojans (RATs) helping those efforts take flight. The campaign can effectively be a bird strike to the business engine, so to speak, resulting in data theft, financial fraud or follow-on attacks, researchers said, who have uncovered new details about ...

  • Cybersecurity: Rising risk for airlines

    September 13, 2021

    After remaking their security procedures following the 9/11 attacks to stop airline hijackings, carriers are now faced with rising threats targeting computers and electronic equipment critical to their operations and safety. Since the tragedy 20 years ago on Saturday, airlines and airports have fortified cockpits, barred sharp objects in carry-on luggage and improved technology to ...

  • In space, no one can hear cyber security professionals scream

    September 2, 2021

    “Space is an invaluable domain, but it is also increasingly crowded and particularly susceptible to a range of cyber vulnerabilities and threats.” That’s not an overblown sci-fi movie strapline, but rather the chilling words of Gina Galasso, managing director of The Aerospace Corporation UK, a member of the international collaborative organisation, Space ISAC (the Space Information ...

  • Bangkok Airways apologizes for passport info breach as LockBit ransomware group threatens data leak

    August 30, 2021

    Bangkok Airways has apologized for a data breach involving passport information and other personal data in a statement to customers. The company said that it discovered a “cybersecurity attack which resulted in unauthorized and unlawful access to its information system” on August 23. The statement said the company is “deeply sorry for the worry and inconvenience that ...

  • Lazarus Targets Job-Seeking Engineers with Malicious Documents

    July 9, 2021

    The notorious Lazarus advanced persistent threat (APT) group has been identified as the cybergang behind a campaign spreading malicious documents to job-seeking engineers. The ploy involves impersonating defense contractors seeking job candidates. Researchers have been tracking Lazarus activity for months with engineering targets in the United States and Europe, according to a report published online by ...

  • The Aviation Industry Needs to Move Towards Cyber Resilience

    July 5, 2021

    2021 is a significant year for aviation. It marks the 20th anniversary of the 9/11 attacks, the worst acts of unlawful interference in the history of aviation. It is also the Year of Security Culture for the ICAO community, which aims to enhance security awareness and foster a security culture throughout the industry. The importance ...

  • REvil ransomware hits US nuclear weapons contractor

    June 14, 2021

    US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly at the hands of the REvil ransomware gang, which claims to be auctioning data stolen during the attack. Sol Oriens describes itself as helping the “Department of Defense and Department of Energy Organizations, Aerospace Contractors, and Technology Firms carry out complex programs.” However, job postings first ...

  • Air India cyber-attack: Data of millions of customers compromised

    May 22, 2021

    India’s national airline Air India has said a cyber-attack on its data servers affected about 4.5 million customers around the world. The breach was first reported to the company in February. Details including passport and ticket information as well as credit-card data were compromised. But Air India said security details for credit cards – CVV or CVC ...

  • Here’s how we got persistent shell access on a Boeing 747 – Pen Test Partners

    May 21, 2021

    Researchers from infosec biz Pen Test Partners established a persistent shell on an in-flight entertainment (IFE) system from a Boeing 747 airliner after exploiting a vulnerability dating back to 1999. It’s an attack that’s more of a curiosity than anything else: it’s too difficult to pull off during an actual flight, and it’s rare these days ...

  • Fresh Loader Targets Aviation Victims with Spy RATs

    May 13, 2021

    A cyberattack campaign that goes after aviation targets has been uncovered, which is spreading remote access trojan (RAT) malware bent on cyber-espionage. Researchers from Microsoft said this week on Twitter that spear-phishing emails are the main attack vector. Individuals in the aerospace and travel sectors are being targeted with a range of gambits, such as using ...

  • Passwordstate password manager hacked in supply chain attack

    April 23, 2021

    Click Studios, the company behind the Passwordstate enterprise password manager, notified customers that attackers compromised the app’s update mechanism to deliver malware in a supply-chain attack after breaching its networks. Passwordstate is an on-premises password management solution used by over 370,000 security and IT professionals at 29,000 companies worldwide, as the company claims. Its customer list includes ...

  • The Security dilemma of smart factories [Part 3] Fundamental security risks in robot languages

    April 19, 2021

    Industrial robots are the core of the automation of manufacturing processes in smart factories, and are the most important components as they support the manufacture of all kinds of products such as automobiles, aircraft, processed foods, and pharmaceuticals. In addition, as equipment that realizes unmanned manufacturing in the post-COVID-19 world where minimal or no contact ...

  • USB threats to ICS systems have nearly doubled

    April 1, 2021

    The latest Honeywell USB Threat Report 2020 indicates that the number of threats specifically targeting Operational Technology systems has nearly doubled from 16% to 28%, while the number of threats capable of disrupting those systems rose from 26% to 59% over the same period. Let’s face it. Critical infrastructure operators in manufacturing, aerospace, energy, shipping, chemical, ...

  • SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests

    March 18, 2021

    Cyberattackers involved in worldwide hacking campaigns are using the compromised systems of high-profile victims as playgrounds to test out malicious tool detection rates. On Thursday, Swiss cybersecurity firm Prodaft said that SilverFish (.PDF), an “extremely skilled” threat group, has been responsible for intrusions at over 4,720 private and government organizations including “Fortune 500 companies, ministries, airlines, ...