January 23, 2020
Airports Council International (ACI) World and A-ISAC announced today they have signed an agreement that better enables ACI members to join the A-ISAC for access to airport-specific cyber threat intelligence and actionable data that will enhance their ability to build cyber resiliency.
Both organizations play an active role in supporting the global aviation network; by increasing ... January 13, 2020
The Israeli government approved a civil aviation cybersecurity program, the Israel National Cyber Directorate (INCD) reported on Sunday.
As part of the plan, a national steering committee will be established, to advance Israel’s capabilities in this field.
The committee, headed by the INCD, will have representatives from Israel’s Ministry of Transport, the Civil Aviation Authority, Israel’s Airports ... December 12, 2019
The threat group regularly referred to as APT33 is known to target the oil and aviation industries aggressively. This threat group has been reported on consistently for years, but our recent findings show that the group has been using about a dozen live Command and Control (C&C) servers for extremely narrow targeting. The group puts up multiple layers of obfuscation to ... August 20, 2019
Security researchers have discovered an unpatchable security flaw in a popular brand of system-on-chip (SoC) boardsmanufactured by Xilinx.
The vulnerable component is Xilinx’s Zynq UltraScale+ brand, which includes system-on-chip (SoC), multi-processor system-on-chip (MPSoC), and radio frequency system-on-chip (RFSoC) products used inside automotive, aviation, consumer electronics, industrial, and military components.
According to security researchers with Inverse Path — F-Secure’s hardware ... August 13, 2019
A vulnerability in British Airways’ e-ticketing system could enable a bad actor to view passengers’ personal data or change their booking information.
A security bug discovered in British Airways’ e-ticketing system has the potential to expose passengers’ data, including their flight booking details and personal information.
Researchers on Tuesday said that check-in links being sent by British ... July 30, 2019
The alert from the DHS critical infrastructure computer emergency response team. warns that modern flight systems are vulnerable to hacking if a person manages to gain unrestricted access to an aircraft. The alert also recommends that small plane owners restrict unauthorized physical access to their aircraft the best they can. It warns that access should remain limited until ... July 2, 2019
There’s an urgent need for NATO and its member countries to address the cybersecurity of space-based satellite control systems because they’re vulnerable to cyberattacks – and if left unaddressed, it could have severe consequences for global security, a new paper from a major thinktank on international affairs has warned.
Almost all modern military engagements rely on space-based assets, ... March 11, 2019
NASA’s Office of the Inspector General has once again concluded the American space agency’s tech security practices are “not consistently implemented”.
Confirmation that the US government department’s infosec abilities are not up to scratch was a repeat of last year’s federally mandated security audit, which also found that processes and procedures were below par.
Oversight personnel from ... February 7, 2019
Researchers have discovered that multiple airline e-ticketing systems do not encrypt check-in links. The security faux pas could allow bad actors on the same network as the victim to view – and in some cases even change – their flight booking details or boarding passes.
Security researchers at Wandera said that eight airlines have been sending ... January 30, 2019
European aerospace corporation Airbus disclosed today a security breach that impacted its commercial aircraft manufacturing business.
The company said the security breach “resulted in unauthorised access to data.”
According to a press release published earlier today, Airbus said that “some personal data was accessed,” but “mostly professional contact and IT identification details of some Airbus employees in Europe.”
Read more…
Source: ... December 19, 2018
The US National Aeronautics and Space Administration (NASA) admitted today to getting hacked earlier this year.
In an internal memo sent to all employees, the agency said that an unknown intruder gained access to one of its servers storing the personal data of current and former employees. Social Security numbers were also compromised, NASA said.
The agency ... September 13, 2018
The Iran-linked APT appears to be in a state of continuous tool development, analogous to the DevOps efforts seen in the legitimate software world.
OilRig, an APT group believed to have ties to Iran, has been spotted in yet another campaign in the Middle East – this time targeting victims within an undisclosed government using an ... April 5, 2018
Hackers have had access to Delta customer payment data for over six months after third party breach
US airline Delta Air Lines and American department store Sears Holding have both confirmed a data breach, after an incident involving a third party tech provider.
Delta said that it was notified last week by 7.ai, a company that provides online chat ... December 10, 2017
A skilled hacker in Vietnam stole sensitive security details and building plans from Perth Airport after breaking into its computer systems.
The West Australian can reveal Vietnamese man Le Duc Hoang Hai used the credentials of a third-party contractor to get access to the airport’s computer systems in March last year.
Prime Minister Malcolm Turnbull’s cybersecurity adviser Alastair ... November 14, 2017
The North Korean government has likely been using the malware since 2016 to target the aerospace, telecommunications, and finance industries, the US government says.
The federal government on Tuesday issued an alert detailing the North Korean government’s use of malware known as FALLCHILL, warning that North Korea has likely been using the malware since 2016 to target the ... November 10, 2017
There’s some unsettling news about one of America’s most widely-used jetliners.
In a test, experts working with Homeland Security hacked into a Boeing 757. The team of researchers needed only two days in September 2016 to remotely hack into a 757 parked at the airport in Atlantic City, New Jersey.
Speaking at a conference this week, Robert Hickey of ... October 12, 2017
Defence Industry Minister Christopher Pyne has warned firms they face losing government contracts if they do not have strong levels of protection against cyber attacks in place after a massive hack of secret data involving Australia’s new fleet of Joint Strike Fighter aircraft, spy planes and warships.
As cyber security experts backed the minister’s call, Mr Pyne deflected ... July 28, 2017
Virgin America has confirmed in a letter sent to employees that its network was compromised by hackers, with data belonging to thousands of workers compromised and possibly stolen by the attackers.
While an investigation is already under way, the airline did not provide any specifics about the hackers, saying instead that it’s working with law enforcement ... July 14, 2017
A handful of vulnerabilities in Siemens’ SiPass integrated server have been patched, including one that allows an attacker to bypass authentication on the box.
SiPass is the company’s integrated access control server managing physical access in a number of industries and use cases. The product supports card readers and integrates with video surveillance equipment, among other ... July 12, 2017
The German military’s aviation safety chief has launched a new initiative against cyber threats, citing research that he said shows hackers can commandeer military airplanes with the help of equipment that costs about 5,000 euros ($5,700).
A defense ministry spokesman told Reuters that development of new “aviation cyber expertise” would cover everything from raising consciousness about ...